Privacy Notice and Cookies
Despite careful control of the content, we cannot accept any liability for external links to third-party content. The protection of your personal data during the collection, processing and use whilst visiting our website is an important concern for us. Your data will be protected within the framework of legal regulations. Below you will find information on which data is collected during your visit to the website and how it is used:
1. Collection and processing of data on this website
Every access to our website and every retrieval of a file stored on our website is logged. This is done for internal, system-related and statistical purposes. The following data is logged: Name of the retrieved file, date and time of retrieval, amount of data transferred, notification of successful retrieval, web browser and requesting domain. In addition, the IP addresses of the requesting computers are logged. Further personal data is only collected if you provide this information voluntarily, e.g. as part of an order, enquiry or registration.
c) Business-related processing
In addition, we process – Contractual data (e.g., subject matter of the contract, term, customer category). – Payment data (e.g., bank details, payment history) of our customers, interested parties and business partners for the purpose of providing contractual services, service and customer care as well as marketing.
d) Collection of access data and log files
We, or rather our hosting provider, collect data on each access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f GDPR. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until the respective incident has been finally clarified.
e) Provision of contractual services
We process inventory data (e.g., names and addresses as well as contact data of users), contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.
When using our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorised use. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c GDPR.
We process usage data (e.g. the web pages visited on our website, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes in a user profile, e.g. in order to display product information to users based on the services they have used to date.
The deletion of the data takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed every three years; in the case of legal archiving obligations, the deletion takes place after their expiry. Information in any customer account shall remain until it is deleted.
When contacting us (e.g. via contact form, email, telephone or social media), the user’s details are processed for the purpose of handling the contact request and its processing in accordance with Art. 6 (1) lit. b GDPR. We delete the requests if they are no longer necessary. We review the necessity at regular intervals. Furthermore, the legal archiving obligations apply.
g) Comments and Posts
When users leave comments or other posts, their IP addresses are stored for 7 days on the basis of our legitimate interests as defined in Art. 6 para. 1 lit. f GDPR. This is done for our security in case someone leaves unlawful content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be prosecuted for the comment or post and are therefore interested in the identity of the author.
Our newsletter contains information about our products, offers, promotions and our company. You will find information on data protection, revocation, logging and the performance measurement included in the consent below.
With the following information, we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. If the contents of the Newsletter are specifically described in the course of registration, they are decisive for the consent of the user. Apart from that, our newsletters contain information about our services and us.
Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other email addresses. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored with the dispatch service provider are also logged.
Registration data: To register for the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name for the purpose of a personal address in the newsletter.
Germany: The dispatch of the newsletter and the performance measurement associated with it is based on the consent of the recipients pursuant to Art. 6 para. 1 lit. a Art. 7 GDPR in conjunction with § 7 para. 2 No. 3 of the Act against Unfair Competition or on the basis of the legal permission pursuant to § 7 para. 3 of the Act against Unfair Competition.
The logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR. Our interest is in the use of a user-friendly and secure newsletter system that serves our business interests as well as the expectations of the users and also allows us to prove consent.
Cancellation/revocation – You can cancel receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store unsubscribed email addresses for up to three years on the basis of our legitimate interests before deleting them for the purposes of sending newsletters in order to be able to prove consent previously given. The processing of this data is limited to the purpose of a possible defence against claims. An individual deletion request is possible at any time, provided that the former existence of consent is confirmed at the same time.
i) Newsletter – Tracking
The newsletters contain a so-called “tracking pixel”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from their server. Within the scope of this retrieval, technical information such as information on the browser and your system, as well as your IP address and the time of the retrieval are initially collected. This information is used for the technical improvement of the services on the basis of the technical data or the target groups and their reading behaviour on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our intention nor, if used, that of the dispatch service provider to observe individual users. Rather, the analyses help us to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
In view of the discussion about the use of analysis tools with complete IP addresses, we would like to explicitly point out once again that this website uses Google Analytics with the extension “_anonymizeIp()” and therefore IP addresses are only processed in abbreviated form in order to exclude direct personal references.
k) Data protection information for the use of YouTube.
We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
l) Data protection information for the use of Google Maps
m) Data protection information for the use of Google Fonts We integrate fonts („Google Fonts“) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data protection information: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
n) Online presence in social media
Data protection information for the use of Google +1
We use the “+1″ button of the social network Google+ (Google Plus) of Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043 USA, (hereinafter “Google”) on our website.
Each time you visit a website of our Internet presence that is provided with a “+1″ button, the “+1″ button causes the browser you are using to load and display the visual representation of the “+1″ button from the Google server. In doing so, the Google server is informed which particular website of our internet presence you are currently visiting. Google logs your browsing history when displaying a “+1″ button for a period of up to two weeks for system maintenance and troubleshooting purposes. No further evaluation of your visit to a website of our internet presence with a “+1″ button is carried out.
If you click the “+1″ button while logged in to Google+ (Google Plus), Google will collect information about your recommended URL, your IP address and other browser-related information via your Google profile so that your “+1″ recommendation can be stored and made publicly available. Your “+1″ recommendations can be displayed as references together with your profile name and your photo in Google services, such as search results or in your Google profile (as a “+1″ tab in your Google profile), or in other places on websites and advertisements on the internet.
At the following Internet address you will find Google’s data protection information on the “+1″ button with more detailed information on the collection, transfer and use of data by Google, your rights in this respect and your profile setting options. https://www.google.com/intl/de/+/policy/+1button.html
Information on the integration of Facebook Our website uses social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins are recognisable by one of the Facebook logos (white “f” on a blue tile or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here: http://developers.facebook.com/plugins.
When you call up a web page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which then integrates it into the website. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform you according to our state of knowledge:
By integrating the plugins, Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you interact with the plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted directly from your browser to Facebook and stored there. If you are not a member of Facebook, there is still the possibility that Facebook will find out and store your IP address.
If you are a Facebook member and do not want Facebook to collect data about you via our website and link it to your membership data stored on Facebook, you must log out of Facebook before visiting our website.
It is also possible to block Facebook social plugins with add-ons for your browser, for example with “Facebook Blocker”.
Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter in the process.
You can change your privacy settings on Twitter in the account settings.
2. bootstrap / jsdelivr / jQuery / ajax
On this site we use bootstrap, jsdelivr and jQuery functions, which optimise loading speeds and display. Program libraries are also called from the providers in this regard. If you have previously needed one of the functions on another website, your browser will fall back on the cached copies. If this is not the case, you will need to download the programme libraries from the provider websites.
You can find out more on the providers’ sites. -> http://holdirbootstrap.de -> https://jsdelivr.com -> https://jquery.com -> https://developers.google.com/speed/libraries/
For security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator, this site uses SSL encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
4. Right to information
You have the right to
to receive information free of charge about the personal data we have stored about you (right to information)
to request confirmation as to whether we are processing personal data relating to you (right to confirmation)
to demand that we delete the personal data concerning you without delay, provided that their processing is no longer necessary and the other requirements of the GDPR for deletion are also met (right to deletion)
to demand the immediate correction and completion of any inaccurate personal data relating to you (right to rectification)
to request the restriction of the processing of your personal data (right to restriction of processing)
to obtain the personal data concerning you in a structured, commonly used and machine-readable format (right to data portability)
to object to the processing of your personal data (right to object)
You also have the right to withdraw your consent to the processing of your personal data at any time with effect for the future.
For further information and to assert your rights, please contact firstname.lastname@example.org .
We will also be happy to inform you in writing about the data stored about you.
5. Use of the online booking tool DIRS21 of TourOnline AG
Our online presence uses the online booking tool DIRS21 (hereinafter “OBT”) of the company TourOnline AG, Borsigstraße 26, 73249 Wernau, Germany (www.dirs21.de, hereinafter “TOAG”) to enable online bookings of accommodation services and other travel services, as well as to process inquiries. Within the framework of the OBT, TOAG processes the data as the responsible party. The notes and provisions on data protection can be found in TOAG’s data protection declaration for the OBT, which you can call up at any time from the OBT or view at www.dirs21.de/datenschutz.
6. Further information
We are always working to secure your personal data by taking all technical and organizational measures to ensure that they are inaccessible to third parties. When communicating via e-mail, we cannot guarantee complete data security (due to the infrastructure of the Internet and the transmission protocol), so we recommend sending confidential information by post.