Data Protection Declaration

We want to offer our customers high-quality services. To do this, it is necessary to process data. This is only done for the explicitly stated services processed that you as our customer can reasonably expect. We do not misuse or exploit your data under any circumstances for purposes other than those stated in this privacy policy. We only process data in direct connection with the processing steps necessary for the provision of a service.

Cannon & Cannon respects your fundamental right to data protection under Article 8 of the EU Charter of Fundamental Rights and processes data relating to you strictly within the limits permitted by law. Any personal data that you voluntarily provide to us will be treated with the highest current standards of security and confidentiality and processed solely in accordance with the General Data Protection Regulation. With the following data protection declaration, we would like to inform you who is responsible, what types of personal data we process, for what purposes and to what extent.


1. Data Controller

Cannon Berlin Ltd or Cannon Berlin Mitte Ltd
Woods House
Cannon Street
County Meath
Republic of Ireland
A82 RF86


Riverside Real Estate Berlin GmbH
Wilhelm-Caspar-Wegely-Platz 10
10623 BERLIN

Management / persons authorised to represent: Jörg Sauerland


Telephone: +49 30 296 721 76

Website imprint available at:


2. Data Protection Officer

Our company data protection officer, Mr Jörg Sauerland, can be contacted by e-mail at and or by telephone +49 30 296 721 76.


3. Collection of Data

Cannon & Cannon does not collect any personal data about you on this website unless you voluntarily provide to us yourself by e-mail or via our online contact form with data such as name, address, e-mail address or telephone number. If you fill in the contact form and/or send us a message, the data received will be stored in our database and processed for the purpose of carrying out the communication you have requested. When you fill in the form, an e-mail is sent to and and a copy is saved; this copy is automatically deleted after 90 days. A copy of the data set is stored in an encrypted format on a server within the EU for backup purposes as part of our backup process.

We process the data in particular for internal record keeping purposes and to improve our services. We may, based on your consent, periodically send emails with promotional content that we believe may be of interest to you, using the email address you have provided. We may use the information to tailor the website to your interests.

If we process your personal data on the basis of your consent pursuant to Art. 6 (1) p. 1 lit. a GDPR, you have the right to revoke your consent at any time pursuant to Art. 7 (3) GDPR. This means that we will no longer process the data based on this consent in the future.


4. Data Transfers to Processors

Your data will only be passed on to third parties commissioned by us in direct connection with us and our business practice. This disclosure is directly related to what you as a data subject can expect with regard to the provision of our services. All third parties who are directly related to us are also strictly bound to comply with the GDPR and only act on our clear instructions. We do not accept responsibility for any actions contrary to a clear instruction from us in relation to this Privacy Policy by any of our third parties.

The processor will be required by us not to use another processor without the prior instruction or general written consent of Cannon & Cannon as controller. Where we give written permission, the processor must inform us of any intended change regarding the addition or replacement of other processors and give us the opportunity to object to such changes. Processors remain liable for sub-processors of personal data and are responsible for imposing appropriate contractual obligations on them.

Under no circumstances will we pass on your data to third parties who are not directly connected with us, nor will we pass it on for purposes other than those previously mentioned. Under no circumstances will we sell any data related to you.


5. Storage and Deletion

Unless your data is subject to a legal time limit, we will only retain it for as long as is necessary for the purpose for which it was processed. If we know that we are providing a service to you, or if we are no longer legally obliged to store your data, we will inform you of a planned deletion and give you the opportunity to retrieve your data first.

The data we process will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose for processing this data has ceased to apply or its processing is no longer necessary for the purpose).

If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes, for example if data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection notices of this data protection declaration.


6. Analysis of website usage

The purpose of analysing usage of our website is to evaluate visitor flows to it, as well as behaviour, interests or demographic information, such as age or gender. In order not to create high risks for your rights, this is not done on a directly personal basis, but always on the basis of pseudonymous data. With the help of the reach analysis, we can, for example, recognise at what time our online offer or its functions or contents are most frequently used. Likewise, we can understand which areas need optimisation. In addition to web analysis, we may also use testing procedures, e.g. to test and optimise different versions of our online offer or its components.

This website uses temporary cookies to help us analyse web traffic to our website for statistical purposes. It is Cannon & Cannon’s policy never to disclose such technical information relating to website visitors to third parties unless we are required to do so by law. No information is collected that can be used by us to personally identify website visitors. Cannon & Cannon does not attempt to identify individual visitors or associate technical details with any individual. You can set your web browser to refuse cookies if you prefer.

We log the IP address of the visitor’s web server (to display the website in German or English), the top-level domain used (e.g. .com or .de), the website address from which the visitor reached us, including the search terms used.

Where we ask users to consent to the use of third-party providers, the legal basis for processing data is consent. Otherwise, the users’ data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services).

The Google Analytics service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (privacy policy available at: ) is used.

– Types of data processed: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

– Data subjects: Users (e.g. website visitors, users of online services).

– Purposes of processing: reach measurement (e.g. access statistics, recognition of returning visitors), tracking (e.g. interest/behaviour-based profiling, use of cookies), conversion measurement (measurement of the effectiveness of marketing measures), profiling (creation of user profiles).

– Security measures: IP masking (pseudonymisation of the IP address).

– Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) or legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).


7. International Data Transfers

If we process data in a third country, i.e. outside the European Union, United Kingdom or the European Economic Area, or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only be done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations.


8. Disclosure of Personal Data

In the course of our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. Recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.


9. Link Disclaimer

Our website may contain links to other websites and to our partners. The inclusion of any link does not imply endorsement by us of the linked website. Once you have used a link to leave our website, we cannot be responsible for the privacy of any information you provide when visiting the linked website. Please refer to privacy statements and declarations on data protection of the respective website.


10. IT Security

We take appropriate technical and organisational measures in accordance with the law, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the level of threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input of, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

In order to protect your data transmitted via our online offer, we use SSL encryption. You will recognise such encrypted connections by the prefix “https://” in the address line of your browser.

Both controllers and processors are each individually responsible for implementing the appropriate security measures. The processor is additionally obliged to take all necessary measures to comply with the technical and organisational measures required for data security pursuant to Art. 32 GDPR. Both controllers and processors will cooperate to ensure that security measures are adequate. The relationship between the controller and processor shall not reduce the level of protection of personal data.


11. Rights of Data Subjects

As a data subject, you have rights arising in particular from Articles 15 to 21 of the GDPR:

Right to object: you have the right to revoke consent given in accordance with Art. 6 (1) a GDPR at any time. You also have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) f GDPR; this also applies to profiling based on these provisions. If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

Right to access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed and to obtain information about such data as well as further information and a copy of the data in accordance with the law.

Right to rectification: You have the right, in accordance with the law, to request that data concerning you be completed or that inaccurate data concerning you be rectified.

Right to erasure: You have the right to demand that data concerning you be deleted immediately when it is ready for deletion or, alternatively, to demand restriction of the processing of the data in accordance with the legal requirements.

Right to data transfer: You have the right to receive data relating to you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements, or to demand that it be transferred to another person responsible.


12. Competent Supervisory Authority

You have the right to complain to the data protection authority if you believe that the processing of personal data concerning you violates the law:

Berlin Commissioner for Data Protection and Freedom of Information

Friedrichstraße 219 (visitor entrance: Puttkamerstraße 16) – D-10969 Berlin

Telephone: +49-30 13889-0 /


13. Updating of the Data Protection Declaration

Our privacy policy was last updated in February 2021.

Cannon & Cannon may change this statement by updating this page. Where we provide addresses and contact details of companies and organisations in this privacy statement, please note that addresses may change over time and please check the details before contacting us. Please check this page from time to time to ensure that you are happy with any changes. You will be notified by email of any major changes. The terms used are not gender specific.

The highlights of Berlin on your doorstep