MhM-Privacy protection

Privacy policy

Privacy policy for
Mieter helfen Mietern
Hamburger Mieterverein e.V.
Bartelsstraße 30, 20357 Hamburg

Responsible handling of personal data is a high priority for us. We want you to know what data we collect and how we use it. We have taken technical and organisational measures to ensure that the regulations on data protection are observed both by us and by our external service providers. To comply with all legal obligations to inform and educate, we would like to inform you below about how Mieter helfen Mieter, Hamburger Mieterverein e.V. as the operator of this website processes your data and what rights you are entitled to concerning data processing. The information relates to data processing in connection with your visit to this website.

1. Subject of data protection

The subject of data protection is personal data. According to Art. 4 DSGVO, this data is all information relating to an identified or identifiable person. This includes, for example, information such as names, postal addresses, e-mail addresses, or telephone numbers, but also usage data such as your IP address or content data such as the messages you write to us via the contact form.

2. Name and contact details of the person responsible for processing and the company data protection officer

This data protection information applies to data processing by:
Mieter helfen Mietern Hamburger Mieterverein e.V. (MhM),
Bartelsstraße 30, 20357 Hamburg Germany
Tel. 040 431 394-0 Fax 040 431 394-44
Responsible persons: MhM Executive Board - Thomas Breckner, Eva Proppe, Udo Smetan can be reached via MhM, e-mail:

MhM's company data protection officer, Ms. Sabine Weis, can be reached at the above address or

3. Collection and storage of personal data as well as type and purpose of their use

External Hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via website.

The use of the Hoster is to fulfil the contract vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b DSGVO). Our Hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions concerning this data.

To guarantee processing in compliance with data protection regulations, we have concluded a contract for order processing with our host.

For reasons of IT security, we would like to refrain from publicly naming our hosting service here. Please feel free to write to us if you want to know who it is.

a) When visiting the website

When you access our website, information is automatically sent to the server of our website by the browser used on your terminal device. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:

  • The IP address of the requesting computer,

  • Date and time of access,

  • The name and URL of the retrieved file.

We process the above data for the following purposes:

  • To ensure a smooth connection of the website,

  • Ensuring comfortable use of our website,

  • Evaluation of system safety and stability, and

  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the above-mentioned purposes for data collection. Under no circumstances do we use the data collected to draw conclusions about your person.
Furthermore, we use cookies and analysis services when you visit our website. You will find more detailed explanations in sections 4 and 5 of this data protection declaration.

b) When registering for our newsletter

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to check that you are the owner of the e-mail address provided and that you agree to receive the newsletter. We use these data exclusively for sending the requested information and offers.

To ensure that the newsletter is sent by agreement, we use the so-called double opt-in procedure. In the course of this procedure, the potential recipient can be added to a distribution list. Subsequently, the user receives a confirmation e-mail to confirm the registration in a legally binding manner. Only if the confirmation is made, the address is actively included in the distribution list.

Provided that you have expressly consented in accordance with Art. 6 para. 1 S. 1 lit. a DSGVO, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an e-mail address. We do not use the tracking function offered by Newsletter2Go.

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can send your cancellation request at any time by e-mail to

This website uses Newsletter2Go for sending newsletters. The provider is Newsletter2Go GmbH, Nürnberger Straße 8,10787 Berlin, Germany. Newsletter2Go is a service that can be used, among other things, to organise and analyse the dispatch of newsletters. The data you enter to subscribe to the newsletter is stored on the servers of Newsletter2Go in Germany.

We have concluded a contract with Newsletter2go in which we commit Newsletter2go to protect the data of our customers and not to pass it on to third parties. Newsletter2Go is not allowed to sell your data or use it for other purposes than for sending newsletters. Newsletter2Go is a German, certified provider, which was selected according to the requirements of the Data Protection Basic Regulation and the Federal Data Protection Act.

You can find further information here:

You can revoke your consent to the storage of your data, your e-mail address, and its use for sending the newsletter at any time, for example by using the "unsubscribe" link in the newsletter.

c) When using our contact forms

If you have any questions of any kind, we offer you the possibility to contact us using the form provided on the website. It is necessary to provide a valid e-mail address so that we know who the enquiry comes from and can answer it. Further information can be provided voluntarily.

Data processing to contact us is carried out in accordance with Art. 6 para. 1 S. 1 lit. a DSGVO on the basis of your voluntarily given consent.

The personal data collected by us for the use of all contact forms will be sent directly to us by e-mail and processed according to your request. In this respect, our notes on data processing apply. Any further storage of personal data on the server is not carried out by the contact form used by us.

d) When using the comment function

Comments are saved with an anonymised IP address so that no personal allocation is possible.

As a user of the site, you can subscribe to comments after logging in. You will receive a confirmation email to check whether you are the owner of the email address you entered. You can cancel this function at any time via a link in the info mails. In this case, the data entered when subscribing to comments will be deleted; however, if you have submitted this data for other purposes and elsewhere (e.g. newsletter order), it will remain with us.

The comments and the associated data (e.g. IP address) are stored anonymously and remain on this website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. insulting comments).

The comments are stored on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke any consent you have given at any time. All you need to do is send us an informal notification by e-mail. The legality of the data processing operations already carried out remains unaffected by the revocation.

e) Online-based Audio and Video Conferences

For communication with our customers we use the online conference tool Jitsi Meet at We process the duration of the conference, start and end time of participation in the conference, number of participants and other “context information” in connection with the communication process (metadata). We also process all technical data that are required to process online communication. This includes in particular IP addresses, operating system type and version, browser type and version.We do not store the content of the conferences (audio, video, documents).

The information is processed exclusively to ensure system security and stability, as a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO.

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as the purpose for data storage no longer applies.

We have concluded an order processing contract with the hoster of the service and fully implement the strict requirements of the German data protection authorities when using Jitsi Meet.

4. Transfer of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

  • you have given your express consent in accordance with Art. 6 para. 1 S. 1 lit. a DSGVO,

  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

  • in the event that there is a legal obligation to pass on the data pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, and

  • this is legally permissible and is required under Art. 6 para. 1 sentence 1 lit. b DSGVO for the processing of contractual relationships with you.

5. Cookies

We only use so-called session cookies on our site to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site. Concerning the cookies generated by Matomo, we refer to section 6. of the data protection declaration below..

6. Tracking Tool Matomo

The Matomo tracking tool used by us is based on Art. 6 para. 1 p. 1 lit. f DSGVO. With the tracking measure used, we want to ensure that our website is designed in line with requirements and continuously optimised. On the other hand, we use the tracking measure to statistically record and evaluate the use of our website to optimise our offer for you. These interests are to be regarded as justified in the sense of the aforementioned regulation.

Matomo uses so-called cookies. These are text files that are stored on your computer and which enable us to analyse the use of the website. For this purpose, the usage information generated by the cookie (including your shortened IP address) is transferred to our server and stored for usage analysis purposes, which serves to optimise our website. Your IP address is immediately made anonymous during this process so that you as a user remain anonymous to us. The information generated by the cookie about your use of this website is not passed on to third parties.

7. Open street map

We use the map service of OpenStreetMap (OSM). The provider is the Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1 JU, United Kingdom We use the map material of OMS via the extension CON4GIS only through an interface, so that no cookies are set.

8. Social media plug-ins

We use Twitter on our website on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO social plug-ins of the social network Twitter to make our association better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection compliant operation must be guaranteed by their respective providers. The integration of these plug-ins by us takes place using the so-called two-click method to protect visitors to our website in the best possible way.

On our website, you will find plug-ins of the short message network of Twitter Inc. (Twitter) are integrated on our website. You can recognise the Twitter plug-ins (tweet button) by the Twitter logo on our site. An overview of tweet buttons can be found here (

If you call up a page on our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives information that you have visited our site with your IP address. If you click on the Twitter "tweet button" while you are logged into your Twitter account, you can link the contents of our pages on your Twitter profile. This allows Twitter to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

If you do not want Twitter to be able to link your visit to our pages, please log out of your Twitter user account. For further information, please refer to the Twitter privacy policy (

9. Rights of data subjects

You have the right:

  • to request information about your personal data processed by us in accordance with art. 15 DSGVO In particular, you may request information on the purposes of the processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right of rectification, erasure, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, where applicable, meaningful information on the details thereof;

  • in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or incomplete personal data stored by us;

  • pursuant to Art. 17 DSGVO to demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, or to assert, exercise, or defend legal claims;

  • pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data, if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing pursuant to Art. 21 DSGVO;

  • in accordance with Art. 20 DSGVO, to receive your personal data that you have provided us within a structured, common, and machine-readable format or to request that it be transferred to another responsible party;

  • in accordance with Art. 7 para. 3 DSGVO, to revoke your consent to us at any time. As a result, we may no longer continue to process the data which was based on this consent in the future and

  • complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can turn to the supervisory authority of your usual place of residence or workplace or to our office.

10. Right of objection

If your personal data are processed based on legitimate interests in accordance with Art. 6 Paragraph 1 S. 1 letter f DSGVO, you have the right, in accordance with Art. 21 DSGVO, to object to the processing of your personal data if there are reasons for doing so arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without indicating any special situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to

11. Data security

We use the common SSL (Secure Socket Layer) procedure in connection with the highest level of encryption supported by your browser when you visit our website. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

12. Topicality and amendment of this data protection declaration

This data protection declaration is currently valid and has the status of January 2020. Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. You can access and print out the current data protection declaration at any time on the website at


Liability for contents

As a service provider, we are responsible for our own content on these pages in accordance with § 7 Para. 1 TMG (German Telemedia Act) and general laws. However, according to §§ 8 to 10 TMG, we are not obliged as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity.

Obligations to remove or block the use of information according to general laws remain unaffected by this. However, liability in this respect is only possible from the time of knowledge of a concrete infringement. We will remove these contents immediately on becoming aware of such legal infringements.

Liability for links

Our offer contains links to external websites of third parties, the contents of which we have no influence on. Therefore we cannot assume any liability for these external contents. The respective provider or operator of the sites is always responsible for the content of the linked sites. The linked sites were checked for possible legal violations at the time of linking. Illegal contents were not identified at the time of linking.

However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, we will remove such links immediately.


The contents and works on these pages created by the site operators are subject to German copyright law. The reproduction, editing, distribution and any kind of use outside the limits of the copyright law require the written consent of the respective author or creator. Downloads and copies of these pages are only permitted for private, non-commercial use.

Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular, third-party content is identified as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. We will remove such contents immediately upon becoming aware of any infringements.

Settlement of disputes

The European Commission provides an online dispute resolution (OS) platform:

Our e-mail address can be found in the imprint. We are not willing or obliged to participate in dispute resolution procedures before a consumer dispute resolution service.

Applicable law

The applicable law of the Federal Republic of Germany shall apply exclusively.

Mieter helfen Mietern, Hamburg, 1/30/2020