Menu
The following information provides a simple overview of what happens with your personal data when you visit this website. Personal data are any data with which you could be personally identified. For detailed information on data protection, please refer to the full privacy policy listed below this text.
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the “Contact Details of the Responsible Party” section of this privacy policy.
Your data is collected in two ways: first, by you providing it to us voluntarily—for example, when you enter information into a contact form.
Other data is collected automatically or with your consent when you visit the website through our IT systems. This primarily includes technical data (e.g., web browser, operating system, or time of page visit). Collection of this data happens automatically as soon as you enter this website.
Some data is collected to ensure the website functions correctly. Other data may be used to analyze your user behavior. If contracts are concluded or initiated via the website, the data you submit will also be processed for contract offers, orders, or other service inquiries.
You have the right at any time to receive free information about the origin, recipients, and purpose of your stored personal data. You also have the right to demand correction or deletion of this data. If you've given consent to data processing, you may withdraw it at any time going forward. You also have the right, under certain circumstances, to request restriction of processing of your personal data. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.
You may contact us at any time regarding this or any other questions about data protection.
We host the contents of our website with the following provider:
The provider is Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4‑6, 32339 Espelkamp (hereinafter “Mittwald”).
Details can be found in Mittwald’s privacy policy: https://www.mittwald.de/datenschutz.
The use of Mittwald is based on Article 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If applicable consent has been obtained, processing will be based solely on Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
We have concluded a Data Processing Agreement (DPA) for the use of the above-mentioned service. This is a GDPR‑required contract that ensures the provider processes our website visitors’ personal data only according to our instructions and in compliance with the GDPR.
The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.
When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This privacy policy explains what data we collect and why. It also explains how and for what purpose this takes place.
Please note that data transmission on the Internet (e.g., communication via email) may have security vulnerabilities. It is not possible to provide complete protection of data from third-party access.
The responsible person for data processing on this website is:
Nicole von Kiwa
– Loan Broker in accordance with § 34c & § 34i GewO
Am Kaiserkai 69
20457 Hamburg
Phone: 040 ‑ 8000 84 563
Email: kundenservice@finarchi.de
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses).
Unless otherwise specified in this privacy policy, your personal data will remain with us until the purpose of processing is no longer applicable. If you assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have legally permissible reasons for continued storage (e.g., tax or commercial retention obligations); in that case, deletion occurs after those reasons lapse.
If you have consented to data processing, we process your personal data based on Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, if special categories of data pursuant to Article 9(1) GDPR are processed. In case of explicit consent to transfer personal data to third countries, processing is also based on Article 49(1)(a) GDPR. If you consent to cookies or device access (e.g., via device fingerprinting), processing additionally relies on § 25(1) TDDDG. Consent can be revoked at any time. Where personal data is required to fulfill a contract or initiate pre‑contractual measures, processing is based on Article 6(1)(b) GDPR. When required to comply with legal obligations, processing is based on Article 6(1)(c) GDPR. Processing may also occur on the basis of our legitimate interest under Article 6(1)(f) GDPR. Specific legal bases for each case are detailed in the following sections of this privacy policy.
As part of our business activities, we collaborate with various external parties. Personal data is transferred to these external parties only if necessary for contract fulfillment, if we are legally obliged (e.g., tax authorities), if we have a legitimate interest under Article 6(1)(f) GDPR, or if another legal basis permits it. When using service providers, we only transfer personal data based on a valid Data Processing Agreement. In cases of joint processing, a joint processing agreement is concluded.
Many processing activities are only possible with your explicit consent. You can withdraw consent at any time. Processing carried out up to the time of withdrawal remains lawful.
If data processing is based on Article 6(1)(e) or (f) GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on those provisions. The specific legal basis for processing can be found in this privacy policy. Upon objection, we will cease processing your data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or processing is needed to assert, exercise, or defend legal claims (objection per Article 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right at any time to object to processing your personal data for such marketing purposes; this also applies to profiling when related to such direct marketing. If you object, your personal data will no longer be used for direct marketing (objection per Article 21(2) GDPR).
In the event of GDPR violations, data subjects have the right to lodge a complaint with a supervisory authority, particularly in their EU member state of residence, workplace, or the location of the alleged infringement. This right exists regardless of other administrative or judicial remedies.
You have the right to receive personal data that we process automatically on the basis of your consent or contract, in a commonly used, machine-readable format, and to have it transmitted directly to another controller, where technically feasible.
Under applicable laws, you have the right at any time to obtain, free of charge, information about your stored personal data, its origins, recipients, and processing purposes, and, if applicable, the right to rectification or deletion of this data. You may contact us at any time regarding all questions related to personal data.
You have the right to request restriction of processing your personal data. You may contact us at any time. The right to restrict processing applies in the following cases:
If processing has been restricted, such data may only be processed further—with storage exceptions—with your consent, for legal claims, to protect another person’s rights, or for important public interest reasons of the EU or member state.
For security reasons and to protect confidential data transmissions (e.g., orders or inquiries you send to us), this site uses SSL/TLS encryption. You can tell when a secure connection is active by the "https://" in your browser’s address bar and the padlock icon.
When SSL/TLS encryption is enabled, data you transmit to us cannot be read by third parties.
Our website uses the consent management technology Real Cookie Banner to obtain your permission for storing certain cookies on your device or using certain technologies, and to document that consent in a compliant manner. The provider is devowl.io GmbH, Tannet 12, 94539 Grafling (hereinafter “Real Cookie Banner”).
Real Cookie Banner is installed locally on our servers, so no connection is made to the provider’s servers. It stores a cookie in your browser to record given or withdrawn consents. These data are stored until you request deletion, delete the Real Cookie Banner cookie yourself, or the storage purpose ends. Mandatory legal retention obligations remain unaffected.
The use of Real Cookie Banner serves to collect legally required consent for cookies. The legal basis is Article 6(1)(c) GDPR.
This site uses Google Fonts for consistent font display, provided by Google. Google Fonts are hosted locally. No connection to Google’s servers takes place.
Further information on Google Fonts can be found at their FAQ: developers.google.com/fonts/faq and in Google’s privacy policy: policies.google.com/privacy?hl=de.
We manage this website using the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter “ManageWP”).
With ManageWP, we can monitor the security and performance of our website and create automatic backups. ManageWP thus has access to all site content, including databases. ManageWP is hosted on the provider’s servers.
Use of ManageWP is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in an efficient and secure operation of its website(s). If applicable consent has been obtained, processing is based solely on Article 6(1)(a) GDPR and § 25(1) TDDDG when consent includes storing cookies or device access. Consent can be revoked at any time.
The company holds certification under the “EU‑US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards in U.S. data processing. Each DPF-certified company commits to observe these standards. For more information, consult the provider via: dataprivacyframework.gov/participant/4957.
We have concluded another Data Processing Agreement for the above-mentioned service, which ensures the provider processes visitors’ personal data only according to our instructions and in compliance with the GDPR.
Do you have questions about our services or would you like to schedule a consultation appointment?
Feel free to call us or send us a message!
Please leave us a equest.