Compliance and Policies


Vonovia strictly adheres to the laws on the protection and security of personal data. This includes personal data as well as information on health, finances etc.

Information is key to Vonovia success.


The sustainable protection of this information is therefore one of our focal points. Vonovia has developed and implemented various measures to protect it.

Further information can be found at:


  • Data Protection Policy:
    This policy applies to all employees processing personal data within Vonovia. We established a binding, uniform set of Group-wide rules for the processing of personal data in compliance with the General Data Protection Regulation. It includes a clear assignment of responsibilities and contact persons for all relevant Group divisions via data protection coordinators in the specialist departments.
  • It-Security:
    In order to achieve its corporate objectives, Vonovia SE collects, creates, processes, stores and deletes sensitive and sensitive data.

    The necessity for an IT security policy results from the self-interest of the customers, employees and shareholders of Vonovia and the affiliated subgroups to preserve the company values, the image and the protection of personal data. In addition, the Group guideline aims to comply with various legal requirements, e.g. the protection of personal data of customers and employees.

  • Internal Control System:
    The Group guideline applies to entire Vonovia and all subsidiaries or joint ventures under Vonovia’s economic management and to all significant business processes of the company. The aim of this guideline is to define minimum requirements to be complied with in the context of documentation and to create binding specifications with regard to the monitoring, optimisation and further development of the internal control system.