Privacy Policy

This privacy statement applies for the HVB Immobilien AG website at The pages of this website may contain links to other providers, to which this privacy statement does not apply.

Personal data will collected, processesdvand used only in accordance with applicable data protection regulations.

Below you will find a quick and easy overview of what personal data we collect from you on this website and what we do with it. We also inform you of your rights under the latest data protection legislation and, of course, tell you who to contact if you have any questions.

Who is responsible for data processing, and who can I contact?

Responsible entity:

HVB Immobilien AG
Arabellastrasse 12
81925 Munich

Email: info1(at)

If you have any questions regarding data protection, please contact UniCredit Bank GmbH at the address below, which handles all incoming data protection inquiries as the responsible operating company: 

UniCredit Bank GmbH
Data Protection Officer
81925 München
E-Mail-Adresse: datenschutzrechte(at)

What personal data do we collect from you?

We collect your personal data if and when you contact us. In particular, that is, if you contact us by email or contact form. The personal data in question are your personal details (name, address, email address and other contact data).

In addition, we collect data (e.g. IP address, URL, date and time) in connection with your use of this website, but only for the duration of the communication process.

How do we use your data?

In connection with the website, we use your personal data as follows:

  • If you send us a message using the form on our website, we will use this data only to communicate with you and for the purpose for which you have given us your data and/or to the extent necessary to process your message or fulfil your request. Your personal data will not be processed or used beyond this (except in cases where we are legally obliged to do so).

What do we use your data for and on what legal basis?

For performance of a contract (Art. 6 para. 1 b GDPR)

Data processing takes place to ensure the convenient use of our website.

For purposes of [pursuing] legitimate interests (Art. 6 para. 1 f GDPR)

We may process your data beyond the actual performance of the contract or pre-contractual measures to the extent necessary to protect our own legitimate interests or those of third parties. Examples:

  • Ensuring the security and operation of IT.

Who gets my data?

Your data is disclosed to those offices that need it to fulfil our contractual and legal obligations. In particular, this includes UniCredit Bank GmbH as the responsible operating company. Service providers and subcontractors may also receive data for these purposes, provided they are bound by banking secrecy and privacy protection. In relation to this website, these are companies involved in real estate, logistics, and IT services, as well as the website’s marketing and reach measurement. We use only carefully selected service providers who are contractually obliged to process the data received exclusively according to our instructions. We do not forward your data on to other companies.

Is data transmitted to a third country or to an international organisation?

Data will not be transmitted to offices in countries outside the European Economic Area (non-member states or ‘third countries’) within the context of this website.

How long will my data be stored?

We do not process and store your personal data for longer than we need to for the respective processing purposes.

If the data is no longer required for the fulfilment of contractual or statutory obligations, it is routinely deleted, unless its (limited-time) further processing is necessary for the following purposes:

  • Fulfilment of commercial and tax retention requirements. These include requirements in the German Commercial Code (HGB), the German Fiscal Code (AO), the German Banking Act (KWG), the German Money Laundering Act (GwG) and the German Securities Trading Act (WpHG). The periods for storage and documentation specified there range from two to ten years.

What privacy rights do I have?

  • Every data subject has the right to information under Article 15 GDPR, the right of rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. The restrictions according to sections 34 and 35 of the Federal Data Protection Act (BDSG) apply to the right to access and the right to erasure. In addition, there is a right to appeal to a supervisory authority (Article 77 GDPR in conjunction with section 19 BDSG).

If you wish to exercise your rights under data protection law, please contact the above address of UniCredit Bank GmbH, which handles all incoming data protection requests as the responsible operating company. 

Involvement of third-party services and content

Our websites may contain links to other websites to which this privacy statement does not apply. If the use of other providers’ websites involves the collection, processing or use of personal data, please note the data protection information of the respective providers.

For the visual representation of maps, this website uses the Google Inc. map service, Google Maps. When you use Google Maps, information about your use of this website (including your IP address) is transmitted to a Google server. The terms of use for Google Maps can be found at:

You can disable the Google Maps service to prevent the transfer of data to Google by disabling JavaScript in your browser. However, we would like to point out that in this case you will not be able to use the map display.

Dealing with social networks

This website does not contain social plugins like Facebook, Google+ or Twitter, only hyperlinks to social networks. This means that the social networks have no way of tracking your activities on our internet pages.

Version dated: December 19,2022