Protecting your data is important to us!

Dear visitors to our website,

thank you for visiting our website. To ensure that you feel safe and comfortable when visiting our website, we would like to inform you below about how we handle your data. The following data protection provisions are intended to inform you about our handling of the collection, use and disclosure of personal data. Responsible for the data collection and processing:

DERTOUR Hotels & Resorts GmbH
Humboldtstr. 140 - 144
51149 Cologne
Germany

Data protection information

This privacy policy informs you about the processing of your personal data by us as well as about the rights you are entitled to when booking a travel service of our tour operator brands.

(Status: March 2024)


1. Who is responsible for data processing and whom can you contact?
The data controller is DERTOUR Deutschland GmbH, Humboldtstraße 140-144, 51149 Cologne. If you have any questions about data protection, you can contact the following e-mail address: datenschutz@dertouristik.com.

2. What data and what sources do we use?
We process data that we receive as part of our contractual relationship with you or based on your consent. We receive the data directly from you, e.g. as part of the travel booking or other order placement, e.g. via a travel agency, advertising cooperation partner.

If you provide us with personal data of other persons (e.g. fellow travellers) as a travel applicant, you must ensure that they agree to this and that you may transmit the data. You must ensure that these persons know how their personal data can be processed by us and what rights they have.

To the extent necessary, we process the following categories of data:

  • Identification/authentication data (e.g. surname, first name of all travellers, transaction number, user name, passwords, passport data)
  • Demographic data (e.g. age, date of birth of all travellers)
  • Physical characteristics (e.g. salutation, gender of all travellers)
  • Communication data (e.g. address, e-mail address, telephone number, correspondence, e-mail correspondence) Account data (e.g. IBAN number, credit card number)
  • Travel data (e.g. products booked, travel history)
  • If requested, special data (e.g. mobility aids, meal requests, if submitted)
  • Advertising and sales data (e.g. history of our advertising offers)
  • Preferences (e.g. your preferences, your ratings with regard to their trips, if arranged through/by us).
  • Behaviour (e.g. behaviour on our websites/app, location)
  • Family relationship (e.g. children travelling with)
  • Data in the context of complaints and crisis cases

3. On what legal basis and for what purpose is your data used?

3.1 Required to carry out pre-contractual measures in response to your request or to fulfil contractual obligations with you (Art. 6 para. 1 lit. b EU-GDPR)
We process your data for the preparation of offers and the execution of our contracts with you, i.e. in particular for the organisation, mediation and execution of the booked travel services, including complaints and crisis management (mediation/travel contract) by us or by authorised third parties. Further purposes are

  • To support our sales organisation with travel support
  • For the provision of customer portals/apps (usage agreement)
  • For the provision of contact options to us (e.g. contact form, arranging appointments for counselling) (agency/travel contract).
  • To participate in sweepstakes, contests or similar promotions (sweepstakes contract):
  • From time to time, we may offer you the opportunity to participate in sweepstakes or contests and similar promotions.

Personal data such as title, first name, surname, address, e-mail address and, if necessary, other data required for the promotion may be processed for the purpose of processing these promotions. All personal data provided in the context of such a promotion will be used exclusively for the processing of the promotion, e.g. for determining the prize, notifying the winner or sending the prize. The data will be deleted after the end of the promotion if priority retention periods have expired. The legal basis for the processing of the promotion is Art. 6 para. 1 lit. bEU-GDPR (competition contract).

3.2 Due to legal requirements (Art. 6 para. 1 lit. c EU-GDPR)
We are subject to various legal obligations and statutory requirements (e.g. German Civil Code (BGB), EU travel law, German Commercial Code (HGB), GoB, Passenger Data Act, tax laws of the Federal Republic of Germany). Your data may be processed by us or authorised third parties for the purposes of identity and age verification, prevention of criminal offences (e.g. fraud), the fulfilment of tax law/official control and reporting obligations, the assessment and management of risks as well as storage under financial and tax law.

3.3 Data processing for the protection of vital interests (Art. 6 para. 1 lit. d EU-GDPR)
In order to protect vital interests of you or another natural person, e.g. to provide an evacuation list to emergency services in emergency situations, your data may be processed by us or by authorised third parties.

3.4 For the protection of legitimate interests (Art. 6 para. 1 lit. f EU-GDPR)
Within the framework of a balancing of interests, to protect our predominantly legitimate interests as well as the interests of third parties, your data may be processed by us or by legitimate third parties. This is done for the following purposes:

  • Function, availability and security of business operations (e.g. IT, other services)
  • Further development of services/travel services and additional products (e.g. quality management)
  • Sales management
  • Advertising, market and opinion research, new customer acquisition
  • Assertion, exercise or defence of legal claims - the legitimate interest is given in particular when entering into transactions with financial default risk.
  • Prevention and investigation of criminal offences (e.g. fraud) - the legitimate interest is particularly given when entering into transactions with financial default risk)
  • Processing enquiries and providing necessary information (e.g. contact form)

Our interest in the respective processing results from the respective purposes (profit generation, avoidance of legal risks, assertion, exercise or defence of legal claims, provision and security of our business operations, efficient task fulfilment, process optimisation, protection against financial default risk).

As far as the specific purpose allows, we process your data pseudonymously.

3.4.1 Data processing for direct advertising (Art. 6 para. 1 lit. f EU-GDPR in conjunction with Section 7 para. 3 UWG)
We process your data for the purpose of direct marketing, for sending emails tailored to your travels with information and offers related to your travels. The profiling explained in section 10 is used for this purpose. The data processing is based on Art. 6 para. 1 lit. f EU-GDPR in conjunction with. § Section 7 (3) UWG and in the interest of informing you about new products and services. Each customer has his or her own right to object to this processing in accordance with Art. 21 EU-GDPR, the exercise of which leads to the termination of processing for the purpose of direct advertising. Your data will be blocked for the purposes of advertising. Your data will be deleted when priority retention periods have expired.
You can unsubscribe from existing customer mailings at any time with effect for the future. You can do this by contacting us directly at datenschutz@dertouristik.com or, if applicable, via a link in the case of existing customer mailings, without incurring any costs other than the transmission costs according to the basic rates.

3.5 Based on your consent (Art. 6 para. 1 lit. a EU-GDPR)
If you have given us consent to process your personal data, this consent is the legal basis for the processing mentioned there. In particular, you may have consented to being contacted by e-mail, post, telephone or messenger service. You can withdraw your consent at any time with effect for the future. To do so, please contact us at our contact address. The revocation only applies to future processing, not to processing that has already taken place.
Separate consents may be given for the following services:

  • Newsletter dispatch: You have the option to register for our free newsletter on some of our websites. The newsletter contains current offers on travel services, attractive specials and competitions and surveys (such as inspiration about your next trip travel equipment/literature, attractions or financial services). When you subscribe to the newsletter, we process the data listed below. We only process this data insofar as it actually accrues to us.
  • Data that you provide to us when ordering the newsletter (e-mail address, title, first name, surname, date of birth if applicable, content preferences).
  • Data proving your consent to receive the newsletter (IP address, timestamp of consent)
  • Data on the use of the newsletter (openings, clicks on contained links, accessibility of the e-mail address, data of the terminal device used).
  • Data that accrue during the use of our website (e.g. IDs, pages viewed, booking of a service, shopping cart abandonment), this information is used temporarily for the personalisation of the newsletter content to your profile and then deleted. You can unsubscribe from the newsletter at any time with effect for the future. This can be done by contacting us directly and using the "Unsubscribe Newsletter" link contained in every newsletter or, if applicable, via a link in the e-mail for existing customers' e-mailings, without incurring any costs other than the transmission costs according to the basic rates. Your data will be blocked for advertising. Your data will be deleted when priority retention periods have expired.
  • Preferences (e.g. your preferences, your ratings with regard to their trips, if arranged through/by us).

4. Who gets my data?

Your personal data will only be passed on in compliance with the requirements of the EU-GDPR and only insofar as this is permitted by a legal basis. Your data will only be disclosed to those bodies that need it to fulfil our contractual and legal obligations or to perform their respective tasks, e.g.

  • Agencies within and outside the responsible party (e.g. customer service, data protection management, accounting, internal and external legal advice, compliance) commissioned to carry out the trip/process your enquiry Printing and dispatch service providers (e.g. printing and dispatch of invoices/travel confirmation/travel documents)
  • Destination agency (e.g. tour guide, hotel reservation, transfer and possibly excursion services)
  • Transport service provider (airline, rail if applicable)
  • Accommodation operator (hotel management)
  • Insurer
  • Service provider of other booked services
  • Partner for the implementation of advertising, market and opinion research, new customer acquisition
  • Partner to assist in the investigation of criminal offences (e.g. fraud), assertion, exercise or defence of legal claims
  • Public authorities (tax authorities, embassies of the destination country) in the event of a legal or official obligation (e.g. retention obligations, VISA procurement, obtaining entry requirements).
  • Other bodies for which you have given us your consent to data processing

5. How long will my personal data be stored?

As far as necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and execution of a contract. In addition, we are subject to various storage and documentation obligations, which result from the German Civil Code (BGB) and EU travel law, the German Commercial Code (HGB), the German Fiscal Code (AO), among others.

  • Storage  for 3 years according to §§ 195 ff. German Civil Code (BGB)

-beginning  with the end of the year in which the claim arose and the  creditor became aware of the circumstances giving rise to the claim and of the person of the debtor or should have become aware of them without gross negligence for the assertion, exercise or defence of legal claims pursuant to section 199 (1) German Civil Code (BGB)

  • Retention  for 6 years

begins with the end of the calendar year in which the last entry was made in the trading book, the inventory was drawn up, the opening balance sheet or the annual financial statements were adopted, the individual financial statements pursuant to section 325 para. 2a or the consolidated financial statements were drawn up, the commercial letter was received or dispatched or the accounting voucher was created in accordance with statutory retention periods from section 257 para. 5 German Commercial Code (HGB) for commercial letters and begins with the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report was prepared, the commercial or business letter was received or sent or the accounting document was created, furthermore the recording was made or the other documents were created according to § 147 para. 4 German Fiscal Code (AO) for commercial and business letters, other documents insofar as they are of importance for taxation.

  • Storage  for 10 years

begins at the end of the calendar year in which the last entry was made in the commercial ledger, the inventory was drawn up, the opening balance sheet or the annual financial statements were adopted, the individual financial statements pursuant to § 325 para. 2a or the consolidated financial statements were drawn up, the commercial letter was received or dispatched or the accounting voucher was created in accordance with statutory retention periods from § 257 para. 5 German Commercial Code (HGB) for commercial books, inventories, opening balance sheets, annual financial statements, individual financial statements pursuant to § 325 para. 2a, management reports, consolidated financial statements, group management reports as well as the work instructions and other organisational documents required for their comprehension, documents for entries in books to be kept pursuant to § 238 para. 1 (accounting vouchers) and begins with the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report was prepared, the commercial or business letter was received or dispatched or the accounting voucher was created, furthermore the recording was made or the other documents were created in accordance with § 147 Para. 4 German Fiscal Code (AO) for books and records, inventories, annual financial statements, management reports, the opening balance sheet as well as the work instructions and other organisational documents required for their understanding, accounting vouchers, documents pursuant to Article 15(1) and Article 163 of the Union Customs Code
in the case of other claims for damages pursuant to § 199 para. 3 German Civil Code (BGB) after ten years from their accrual

  • Storage  for 30 years

in the case of claims for damages based on injury to life, body, health or freedom 30 years from the commission of the act, the breach of duty or the other event triggering the damage (e.g. judgments, default summonses, court records, notarial deeds).
Processing for advertising purposes can be objected to free of charge at any time upon informal request in accordance with Art. 21 EU-GDPR; in this case, the data will be blocked for advertising purposes. Your data will be deleted when priority retention periods have expired.
Your personal data will be deleted on the basis of your consent as soon as the purpose has been fulfilled or until revocation and when priority retention periods have expired.

6. Will my data be transferred to a third country?
We transfer your data to recipients outside the scope of the EUEU-GDPR regime and if there is neither an adequacy decision under Article 45(3) nor appropriate safeguards under Article 46, including binding internal data protection rules exist only to the extent that the transfer is necessary:

  • for the conclusion or performance of the contract with you or for the performance of pre-contractual measures at your request
  • for the performance of a contract concluded in your interest by the controller with another natural or legal person
  • for the assertion, exercise or defence of legal claims
  • to protect the vital interests of the data subject or of other persons, where the data subject is physically or legally incapable of giving consent
  • you have given us your consent

These data processing operations are permissible exceptions from Art. 49 EUEU-GDPR.
Insofar as a data transfer outside the scope of the EU Data Protection Regulation is necessary due to our predominantly legitimate interest or you have given us your consent, this is secured, among other things, with EU standard contractual clauses in accordance with Art. 46 (2) c EU Data Protection Regulation. If necessary, the EU standard contractual clauses are supplemented by further contractual assurances. Information and copies can be obtained via the contact provided.

7. Do I have certain rights when dealing with my data?
You have the right to information (Art. 15 EU-GDPR, § 34 BDSG), to correction (Art. 16 EU-GDPR), to deletion (Art. 17 EU-GDPR, § 35 BDSG), to restriction of processing (Art. 18 EU-GDPR) and to data portability (Art. 20 EU-GDPR) under the respective legal conditions.

In addition, you have the right to object at any time on grounds relating to your particular situation to the processing of personal data relating to you which is carried out on the basis of Article 6 (1) (f) of the EUEU-GDPR, in accordance with Article 21 of the EUEU-GDPR. This also applies to so-called "profiling" based on this provision within the meaning of Art. 4 No. 4 EU-GDPR. If a justified objection is made, we will no longer process this personal data for these purposes. An objection can be made informally to our contact address. You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 EU-GDPR, § 19 BDSG).

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestrasse 2-4
40213 Düsseldorf

8. Is there an obligation for me to provide my data?
Within the scope of our business relationship, you only have to provide the personal data that is required for the establishment, implementation and termination of a business relationship or which we are legally obliged to collect. Without this data, we will usually have to refuse the conclusion of the contract or the execution of the order or will no longer be able to execute an existing contract and may have to terminate it.

9. Is there automated decision-making in individual cases?
For the establishment and implementation of the business relationship, we generally do not use automated decision-making pursuant to Art. 22 EU-GDPR. Should we use these procedures in individual cases, you will be informed of this separately if this is required by law.

10. Will my data be used for profiling in any way?
If you have booked a trip with us, we process your data partly automatically with the aim of evaluating your potential interest in certain products, offers and services ("profiling" according to Art. 4 No. 4 EU-GDPR). The evaluation is carried out using statistical and market research procedures, procedures taking into account your previously booked trips, services and your booking behaviour. We take into account your booking history with us as well as characteristics of the bookings and booked trips, products and services. These characteristics include booking frequency, booking channel, added and cancelled services, booking lead time, travel price, type of travel, destination, number of travellers and characteristics of the main product booked, such as star category and amenities. As a rule, a selection of the characteristics mentioned is used with equal weighting, but they can also be used in total with a weighting not specified in advance.

We use the results of these analyses for market and opinion research, a targeted and needs-based customer approach and for acquiring new customers. This form of data use is carried out on the legal basis of Art. 6 para. 1 lit. f EU-GDPR due to the overriding legitimate interest in direct advertising, market and opinion research and new customer acquisition.

With your consent, we collect data on some of our websites and link these with data from other sources in order to form and enrich pseudonymised user profiles and to create target group segments on their basis. The profiles and segments are used for analysis purposes and to offer you content and offers based on your interests on our portals, in the newsletter and on other communication channels, and to make our online advertising activities on third-party sites more individual and interesting for you based on your user profile. The data collected on the website includes technical characteristics and information about your visit path, search behaviour, product contact and bookings as well as pseudonymised IDs such as cookie IDs. The user profiles and segments created are transferred to our systems for online advertising activities, onsite design and newsletter communication.

If you have given us separate consent, we use the ID+ service of Zeotap GmbH, which aggregates IDs of users from different participating companies into one universal ID. You can find more information about this in the Zeotap section.
In order to assess the potential risk of non-payment, we use information we have about fraudulent behaviour and publicly available information to forecast the likelihood of your payment defaulting on the booking you have made.
For this risk probability calculation, contact data, bank details, date of birth are processed with equal weighting using public address data and bank connection data provided to us by our partner Crif GmbH. An allocation is made to statistical groups of persons who have exhibited similar behaviour in the past.

The results support us in individual decision-making to prevent fraud damage and follow up on legal claims.

This data processing is carried out on the legal basis of Art. 6 (1) lit. f EU-GDPR due to the overriding legitimate interest in the prevention of fraud damage and the pursuit of legal claims.

11. Contact details of the data protection officer
If you have any questions on the subject of data protection, please contact:
DERTOUR Deutschland GmbH
Data Protection Officer(s)
Emil-von-Behring-Strasse 6
60424 Frankfurt am Main
E-mail: datenschutz@dertouristik.com

12. Usage data/log files
We use information that we receive and store during your visit to our websites for the purposes of security and improving the functionality of the website.

This dataset consists of:

  • the page from which the file was requested
  • the name of the file
  • the date and time of the query
  • the amount of data transferred
  • the access status
  • the description of the type of web browser used
  • the IP address of the requesting computer (see above, anonymised after the period mentioned below).

We use this information to enable you to access our website, to control and administer our systems and to improve the design and function of the website.

We only store the IP address transmitted by your web browser, including the above-mentioned data record, for a period of time in order to be able to recognise, limit and eliminate malfunctions or errors (e.g. attacks on our servers). The storage ends after one month at the latest. After this period, we delete or anonymise the IP address.

This is done due to our predominantly legitimate interest in the security and functionality of our website § 25 para. 2 no. 2 German Telecommunication Telemedia Data Protection Act (TTDSG) in conjunction with. Art. 6 para. 1 lit. f EU-GDPR.

Consent Management System

Use of Consent Management System to manage and document consent and settings for data collection and cookies

As a user, you can decide yourself about the use of cookie-based services / technologies and the data collection by them on our portal and adjust or withdraw them at any time with effect for the future. This is possible via an information and consent banner that is displayed on first visits and when the services are changed, as well as via the cookie settings that can be accessed at any time via a link at the bottom of every page. As part of aEU-GDPR-compliant approach, we only use services requiring consent after you have given your prior consent. You can also use our website without this consent.

For the provision of this setting and consent function within the meaning of theEU-GDPR and for the explanation of the use of cookie-based technologies, we use a so-called Consent Management System of the company Usercentrics, GmbH, Rosental 4, 80331 Munich. In addition, this system is used to document your decisions for your browser, with which we fulfil the data protection requirements of the documentation and verification obligation.

Usercentrics uses cookies and collects the date and time of the visit, browser and device information, the anonymised IP address as well as opt-in and opt-out data exclusively to store your consent and to comply with legal obligations on the basis of the legal basis § 25 (2) No. 2 German Telecommunication Telemedia Data Protection Act(TTDSG) in conjunction with.EU-GDPR Art. 6 (1) (c). The data processing takes place within the European Union.

For more information on the data processor's privacy policy, please visit https://usercentrics.com/de/datenschutzerklaerung/.

As a user, you have other, alternative ways such as browser extensions, settings, adblockers or opt-out links of individual tools to prevent the setting of cookies or the collection of data by services. We would like to point out that these ways are not equivalent to the use of a consent management system.

Browser extensions, settings and adblockers can prevent cookies and, where applicable, data collection by services. However, you cannot decide for yourself in all cases what you want to allow or prevent. In doing so, it is possible that your decisions made via the Consent Management System are overridden or even the necessary use of the Consent Management System is prevented. In addition, extensions and adblockers can cause unexpected problems with the basic functions of the portal.

Many marketing services provide their own opt-out options via opt-out links or cookies. We list these in the privacy policy, if available. The opt-out often applies to the basic portal-independent use of the service, but only takes place subsequently and on a page of the provider, independently of the consent management of our portal. So-called opt-out cookies are often set, which in turn can be cancelled by the cookie settings of your browser or by deleting cookies.

If you use the aforementioned alternative ways, documentation of your settings and decisions is not possible for us.

Website Analytics and Tracking

USE OF COOKIES

When you visit our website, information may be stored on your computer in the form of cookies in order, for example, to recognise visitors' preferences and to be able to optimally design the website accordingly. This helps us, for example, to facilitate navigation and to achieve a high level of user-friendliness.

Cookies are text files that are stored on the user's hard disk when visiting a website. They are harmless to your computer and cannot be seen by third parties. They allow information to be retained for a certain period of time and identify the user's computer.

If you accept our cookies, they remain on your computer for a period of 30 days unless you delete them before then. During an online booking, cookies are stored temporarily for the course of the booking. These are automatically deleted after 30 minutes of inactivity or after closing the website.

You can object to the collection and storage of your data via this service at any time. If you want to avoid the activation of cookies, deactivate them in your browser. Please note, however, that switching off cookies may restrict the use of the website and the services offered.

ADOBE ANALYTICS

By using the web analytics tool Adobe Analytics, we measure the reach, usage and performance data of our website to improve the design, functioning and offering of our website. We collect anonymous information about the content viewed, the type of browser and device used, and product searches, views and bookings made to understand product demand and detect fraud attempts and artificial traffic from bots or crawlers. We also collect technical performance data and functional errors.

Cookies (text files) that are stored on your computer are also used. The information collected is transferred to a server of Adobe in Ireland and stored there in strict compliance with EU directives. Under no circumstances can conclusions be drawn about specific natural persons. We also ensure that the IP address is anonymised before geolocation. For this purpose, we use IP anonymisation by default in the server settings. After geolocation has been recorded, the IP address is rendered unrecognisable by (x.x.x.x.) and is no longer available. The IP address is not used in any other way or passed on to third parties.

You can find data protection information on Adobe Analytics here:
https://www.adobe.com/de/privacy/policy.html
https://www.adobe.com/de/privacy.html
https://www.adobe.com/de/privacy/experience-cloud.html
https://experienceleague.adobe.com/docs/core-services/interface/administration/ec-cookies/cookies-privacy.html?lang=de

Adobe Analytics is used on the basis of the legal basis § 25 para. 2 no. 2 German Telecommunication Telemedia Data Protection Act(TTDSG) in conjunction with. Art. 6 para. 1 lit. fEU-GDPR on the basis of the overriding legitimate interest to prevent fraud, to monitor errors in website functions and to evaluate the reach of the portal.

One way to object to web analysis by Adobe Analytics is to set an opt-out cookie. This informs Adobe that your data may not be stored or used for web analytics purposes. Please note that with this solution, web analytics will only not take place as long as the opt out cookie is stored by the browser. If the cookie is no longer stored by the browser, your objection expires. There is also no documentation of your decision and the opt out cookie may contradict your decision in the Consent Management System.

If you would like to set the opt out cookie now, please click here:
https://metrics.motorhomebookers.com/optout.html?locale=en_US&popup=true

ADOBE LAUNCH TAG MANAGEMENT SYSTEM

We use a tag management system from Adobe to control the use of analysis and online marketing software on our website and to improve the technical performance of our website. The tag management system controls, according to definable rules, which and in which form the software components (tags) used on the website and explained in this data protection declaration are used. In this way, we ensure that only the named tags are used and that these only collect data to the extent explained here.

Via the tag management system, data is passed on to the aforementioned tags and in the form explained. Cookies may also be used in the process. However, the data is not stored in the tag management system.
The use of the Adobe Launch Tag Management System is based on the legal basisEU-GDPR Art. 6 para. 1 lit. b and c and can therefore not be deactivated via our Consent Management System.

However, the options of the Consent Management System are available to you to object to the collection of data via the tools played out by the Tag Management System.

Further data protection information on the Adobe Launch Tag Management System can be found here:
https://www.adobe.com/de/privacy/policy.html
https://www.adobe.com/de/privacy.html
https://www.adobe.com/de/privacy/experience-cloud.html
https://experienceleague.adobe.com/docs/core-services/interface/administration/ec-cookies/cookies-privacy.html?lang=de

Referral and Linking to Partner Sites

On our website, we offer you links to the websites of our partners, where you can find further products and services related to travel. When using the links, you will be forwarded to the respective partner website without user data being transmitted from our website to that of the partner. After using the link, you will find yourself on the portal of the respective partner, which is the responsibility of the partner.

Referral and Linking to Social Media Networks

Our internet presences on social media platforms serve to provide users as customers and interested parties with information about our services and offers. In addition, the social networks provide a forum for communication between users and our company.

Through the use of social media, personal data of the users is forwarded to the providers of social networks. Please note that the data of participating persons may therefore also be stored and processed outside the European Union. This results in a different legal situation than regulated by the GDPR. However, providers who have agreed to the Privacy Shield agreement between the USA and the EU thereby undertake to comply with the data protection principles contained therein. In addition, user data is usually used by the operators of social networks for market research and advertising purposes. By means of surfing behaviour and interests derived from it, profiles can be created which serve the purpose of, for example, presenting the user with tailored advertisements within and outside the network. In the context of market research, so-called cookies are stored by the user's browser. These are small text files that can be deleted via the browser settings. In addition, further data may be stored in the user profiles, especially if the user has an account with the respective social media platform and is logged in.

The legal basis for the storage and processing of personal data is legitimate interest with regard to the provision of beneficial information for customers and interested parties as well as beneficial communication with users within the meaning of Art. 6 (1) lit. f DSGVO. If the user consents to the processing of personal data by means of a tick box or confirmation via a button, Art. 6 para. 1 lit. a DSGVO applies.

Detailed information on the storage and processing of user data as well as on the given objection options (opt-out right) can be found on the pages of the respective providers, which are listed below.

If you have any questions or wish to assert your user rights in the context of social media platforms, the respective network provider is the right contact. This is because only the provider has full access to the stored user data. Therefore, only the respective provider can provide detailed information and, if necessary, initiate measures to change or delete the data. If you need advice or support, you can contact us at any time.

Facebook
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2
Irland
E-Mail: impressum-support@support.facebook.com
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads & http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Google and YouTube
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Irland
E-Mail: support-de@google.com
Privacy Policy: https://policies.google.com/privacy
Opt-out: https://adssettings.google.com/authenticated
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Instagram
Instagram Inc.
1601 Willow Road
Menlo Park, CA 94025
USA
E-Mail: impressum@support.instagram.com
Privacy Policy/Opt-Out: http://instagram.com/about/legal/privacy/

Integration of Google Maps

The map service Google Maps is connected to our website via an API. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your Ip address. This information is usually transferred to Google servers in the USA and stored. As the provider of this site, we have no influence on the data transfer.

We use Google Maps on our websites to present our offers in an appealing way and to show you the exact location of our products (legitimate interest according to Art. 6 para. 1 lit. fEU-GDPR).
You can find further information on the handling of your data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/

Integration of Youtube

Plugins from the YouTube website operated by Google are used on our website. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. Such integration takes place exclusively in the extended data protection mode of YouTube (more information at: https://support.google.com/youtube/answer/171780?hl=de), in which no cookies are used. As long as there is no interaction with the video, no data is collected by the service. If a user clicks on an embedded YouTube video, data is again collected and further data processing for analysis purposes is carried out by Google LLC and its affiliated companies. The extended data protection mode prevents YouTube from connecting to Google's DoubleClick advertising network. When videos are played, the service collects browser and device settings, IP address, browser identifier, date, time and referral URL of the request to play the video, name of the video and playback time, as well as system activity and crash reports for the purposes of providing, maintaining and improving the services and measuring performance.

If you have a Google account and are logged in to it at the time of using a video, the usage data may be merged with your profile data. This depends on the privacy settings you have made in your account.
If you have a YouTube account and are logged in, YouTube will be able to associate your user behaviour with your personal profile. You can prevent this by logging out of your YouTube account.
Google's privacy policy and terms of use can be found here:

https://policies.google.com/privacy

We use YouTube on our websites to display and present our offers in an appealing way. This data processing may also take place outside the EU or the EEA. As a suitable guarantee for the lawfulness of these data transfers, we have concluded EU standard contracts with the processor in accordance with Art. 46 (2) cEU-GDPR.

The service is only used after you have given your prior consent. You can give this via our Consent Management System either during your first visit to the portal via the consent banner or via the layer that is displayed above a YouTube integration without the existence of consent.

In addition, you can consent at any time via the cookie settings, which can be accessed via a link at the bottom of every page of the portal, and adjust or withdraw them with effect for the future. Your choice will be documented for your browser, thus fulfilling the data protection requirements of the documentation obligation.

Integration of  FONTS.COM  
Web fonts are used on our website to ensure the uniform display of fonts. We use "fonts.com", a font service of Monotype GmbH, Werner-Reimers-Straße 2-4, 61352 Bad Homburg ("fonts.com").
In order to display fonts and texts correctly, your web browser loads the required fonts into the cache. To ensure this, your web browser must establish a connection to the servers of "fonts.com". This tells "fonts.com" that our website has been accessed via your IP address. We use the web fonts on our websites to present our offers in an appealing way (legitimate interest according to Art. 6 Para. 1 lit. f DSGVO).
Further information on "fonts.com" can be found here: https://www.fonts.com/info/legal/privacy.

Form Pages

Our website also offers the possibility to contact us on various topics. Examples of this are forms for booking enquiries, call-back requests, feedback, special customer requests, etc.

Depending on the background of the contact, various data are requested in the form. Personal details such as title, first name, surname and e-mail address are usually mandatory for the purpose of contacting you and addressing you personally. If you use a form for a callback or appointment request, additional data such as telephone number may be requested. For travel enquiries or questions about existing processes, you also have the option of entering your booking or invoice number.

Data Security

To protect your data from unwanted access, we use an encryption process on our pages. Your data is then transferred from your computer to our server and vice versa via the Internet using TLS 1.2 encryption. You can recognise this by the fact that the lock symbol on the status bar of your browser is closed and the address line begins with https://.

Overview of Opt-Out Options