1. Party responsible for data processing
The Data Controller for your information is:
You have the following rights with respect to your personal data:
2.1 General rights
You have the right to information, access, correction, deletion, restriction of processing, objection to processing, and data portability. If processing is based on your consent, you have the right to revoke it at any time.
2.2 Rights to object to processing of data based on legitimate interests
Article 21(1) EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) gives you the right to object at any time for reasons arising out of your particular situation against the processing of personal data relating to you when your data is processed under Article 6(1)(e) or Article 6 (1)(f) GDPR. This also applies to profiling. If you object, we will no longer process your personal data unless we can establish compelling and legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing aids the enforcing, exercising or defending of legal claims.
2.3 Rights to object to direct marketing
2.3.1 If we process your personal data for the purpose of direct marketing Article 21(2) GDPR gives you the right to object at any time to the processing of your personal data for the purpose of direct marketing; this also applies to profiling, insofar as it is associated with direct marketing.
2.3.2 If you object to processing for the purpose of direct marketing, we will no longer process your personal data for this purpose.
2.4 Right to complain to a supervisory authority
You also have the right to complain to a relevant data protection supervisory authority about our processing of your personal data.
3. The processing of personal data when using the Platform
3.1 We process your personal data using the legitimate interests legal basis, except in specific circumstances where you provide consent or where the processing is necessary for a contract that you have with us or where you have asked us to take specific steps prior to entering into a contract. We apply appropriate safeguards to protect your privacy and we process your personal data only for the limited purpose of providing our Services to you.
3.2 When you use our Platform, we process these types of personal data: Personal Identifying information such as your name, addresses, telephone numbers or email addresses. Electronic identification data such as IP addresses, cookies, connection moments, device ID’s mobile advertising identifiers, date and time of the inquiry, time, request contents, (concrete page), access status/HTTP status code, amount of data transferred, website receiving the request, browser software and version, operating system and its interface, and language. Data that your browser or device makes available. Electronic localisation data such as GPS data and locational data. Financial identification data such as credit or debit card numbers. Data about your interaction with our platform and services.
4. Contact by e-mail or contact form
4.1 When you contact us by e-mail or through a contact form, we will store the data you provide (your e-mail address, possibly your name and telephone number) so we can answer your questions. Your message may be linked to various actions taken by you on the Platform. Information collected will be solely used to provide you with support relating to your booking and better understand your feedback. A statement of this information is expressly provided on a voluntary basis and with your consent, art. 6 par. 1a GDPR. As far as this concerns information about communication channels (such as your e-mail address or telephone number), you also agree that we may also, where appropriate, contact you via this communication channel to answer your request. You may of course revoke this consent for the future at any time.
4.2 We delete the data that arises in this context after saving is no longer required, or limit processing if there are statutory retention requirements.
5.1 Transient cookies
These cookies are automatically deleted when you close your browser. This includes session cookies in particular. These save a “session ID” with which different requests from your browser can be assigned to the joint session. This allows your device to be recognised again when you return to our website. Session cookies are deleted when you log out or close your browser.
5.2 Persistent cookies
These cookies are automatically deleted after a set duration that can vary depending on the cookie. You can delete cookies in your browser security settings at any time.
5.3 Preventing cookies
You can configure your browser and App settings as you wish and, for example, decline to accept third-party or all cookies. Please note that you may not be able to use all of the website’s functions in this case.
5.4 Legal bases and storage period
The legal bases for possible processing of personally identifiable information and its storage period vary and are described in the following sections.
For the purposes of analysing and optimising our websites, we use different services that are described in the following. This allows us to analyse, for example, how many users visit our site, which information is requested the most, and how users find the website. The data that we collect includes the websites from which a person in question arrives at a website (“referrer”), which subpages on the website are accessed and how often, and the length of time for which a subpage is viewed. This helps us to develop and improve our website to be more user-friendly. The data collected does not serve to personally identify individual users. Anonymous or highly pseudonymous data will be collected. The legal basis for this is article 6, par. 1 f of the GDPR.
6.1 Google Analytics
6.1.1 This website uses Google Analytics, a web analysis service of Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). This use covers the Universal Analytics operating mode. This makes it possible to assign data, sessions, and interactions across multiple devices to a pseudonymous user ID and thus analyse a user’s activities across devices.
6.1.3 You can prevent cookies from being stored through the relevant setting in your browser software; however, please note that if you do so, not all functions of the website may be able to be used to their full extent. You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) from being collected and processed by Google by downloading and installing https://tools.google.com/dlpage/gaoptout?hl=en. Opt-out cookies prevent the future collection of your data when visiting this website. To prevent Universal Analytics collection across various devices, you must perform the opt-out on all systems in use. Set the opt-out cookie by clicking here: Deactivate Google Analytics.
6.2 Google Tag Manager
For transparency reasons, we would like to mention that we use Google Tag Manager. Google Tag Manager does not itself collect any personally identifiable information. Tag Manager makes it easier for us to incorporate and manage our tags. Tags are small elements of code that serve to measure traffic and user behaviour, record the effects of online advertising and social channels, establish remarketing and focus on target groups, and test and optimise websites, among other things. If you have deactivated, this will be taken into account by Google Tag Manager. For more information about Google Tag Manager, see: https://www.google.com/analytics/tag-manager/use-policy/
8. Google AdWords and Conversion Tracking
8.1 To draw attention to our services, we place Google AdWords display ads and, within this context, use Google conversion tracking for the purposes of personalised online ads based on interests and location. The option to anonymise IP addresses is controlled through Google Tag Manager, via an internal setting that is not visible in the source of this page. This internal setting is set so that the anonymisation required by privacy laws covers IP addresses.
8.4 With the use of this technology, Google, and we as their customer, receive the information that a user has clicked on an ad and was redirected to our websites. The information acquired this way is solely used for statistical analysis related to ad optimisation. We do not receive any information that would allow us to personally identify a visitor. The statistics provided to us by Google include the total number of users who have clicked on one of our ads and, where applicable, whether they were redirected to a page on our website that has a conversation tag. These statistics allow us to track which search terms most often lead to our ads receiving clicks, and which ads lead to the user contacting us via the contact form.
8.5 If you do not want this, you can prevent the storage of the cookies required for this technology by, for example, using the settings in your browser or your App. Should you do so, your visit will not be incorporated into user statistics.
8.7 However, we and Google will still receive statistical information about how many users visit this site and when. If you do not want to be included in these statistics either, you can prevent this by using additional programs for your browser (such as the Ghostery add-on).
8.1 Google DoubleClick
8.1.2 If you do not want to receive any user-based advertising, you can disable the placement of ads by using Google’s ad settings.
8.1.3 For more information about how Google cookies are used, please refer to Google’s privacy statement.
8.3 Google Dynamic Remarketing
8.3.1 We use the dynamic remarketing function of Google AdWords on our website. This technology allows us to place automatically generated ads oriented towards target groups after you visit our website. Ads are oriented towards products and services that you clicked on during your last visit to our website.
8.3.3 If you do not want to receive user-based advertising from Google, you can disable the placement of ads by using Google’s ad settings.
8.3.4 For more information about how Google cookies are used, please refer to Google’s privacy statement.
9. Data transmission
9.1 Your data will not be transmitted to third parties as a general rule unless we are legally obligated to do so or the transfer of data is necessary for implementing the contractual relationship or you have given prior express consent to have your data transferred.
9.2 We emphasise processing your data within the EU/EEA. However, it may happen that we use service providers who process data outside the EU/EEA. In these cases, we make sure that a reasonable level of data protection is established with the recipient before transmitting your personally identifiable information. This means that a level of data protection is reached through EU standard contracts or an adequacy decision that is comparable to the standard within the EU.
10. Data security
We have taken extensive technical and operational security precautions to protect your data from being accidentally or intentionally manipulated, lost, destroyed, or accessed by unauthorised persons. Our security measures are reviewed regularly and updated in keeping with technological advances.