Pri­va­cy Poli­cy

1. An over­view of data pro­tec­tion

Gene­ral infor­ma­ti­on

The fol­lo­wing infor­ma­ti­on will pro­vi­de you with an easy to navi­ga­te over­view of what will hap­pen with your per­so­nal data when you visit this web­site. The term “per­so­nal data” com­pri­ses all data that can be used to per­so­nal­ly iden­ti­fy you. For detail­ed infor­ma­ti­on about the sub­ject mat­ter of data pro­tec­tion, plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on, which we have included beneath this copy.

Data recor­ding on this web­site

Who is the respon­si­ble par­ty for the recor­ding of data on this web­site (i.e., the “con­trol­ler”)?

The data on this web­site is pro­ces­sed by the ope­ra­tor of the web­site, who­se cont­act infor­ma­ti­on is available under sec­tion “Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)” in this Pri­va­cy Poli­cy.

How do we record your data?

We coll­ect your data as a result of your sha­ring of your data with us. This may, for ins­tance be infor­ma­ti­on you enter into our cont­act form.

Other data shall be recor­ded by our IT sys­tems auto­ma­ti­cal­ly or after you con­sent to its recor­ding during your web­site visit. This data com­pri­ses pri­ma­ri­ly tech­ni­cal infor­ma­ti­on (e.g., web brow­ser, ope­ra­ting sys­tem, or time the site was acces­sed). This infor­ma­ti­on is recor­ded auto­ma­ti­cal­ly when you access this web­site.

What are the pur­po­ses we use your data for?

A por­ti­on of the infor­ma­ti­on is gene­ra­ted to gua­ran­tee the error free pro­vi­si­on of the web­site. Other data may be used to ana­ly­ze your user pat­terns.

What rights do you have as far as your infor­ma­ti­on is con­cer­ned?

You have the right to recei­ve infor­ma­ti­on about the source, reci­pi­ents, and pur­po­ses of your archi­ved per­so­nal data at any time wit­hout having to pay a fee for such dis­clo­sures. You also have the right to demand that your data are rec­ti­fied or era­di­ca­ted. If you have con­sen­ted to data pro­ces­sing, you have the opti­on to revo­ke this con­sent at any time, which shall affect all future data pro­ces­sing. Moreo­ver, you have the right to demand that the pro­ces­sing of your data be rest­ric­ted under cer­tain cir­cum­s­tances. Fur­ther­mo­re, you have the right to log a com­plaint with the com­pe­tent super­vi­sing agen­cy.

Plea­se do not hesi­ta­te to cont­act us at any time if you have ques­ti­ons about this or any other data pro­tec­tion rela­ted issues.

Ana­ly­sis tools and tools pro­vi­ded by third par­ties

The­re is a pos­si­bi­li­ty that your brow­sing pat­terns will be sta­tis­ti­cal­ly ana­ly­zed when your visit this web­site. Such ana­ly­ses are per­for­med pri­ma­ri­ly with what we refer to as ana­ly­sis pro­grams.

For detail­ed infor­ma­ti­on about the­se ana­ly­sis pro­grams plea­se con­sult our Data Pro­tec­tion Decla­ra­ti­on below.

2. Hos­ting

We are hos­ting the con­tent of our web­site at the fol­lo­wing pro­vi­der:

All-Inkl

The Pro­vi­der is the ALL-INKL.COM – Neue Medi­en Mün­nich, owner: René Mün­nich, Haupt­stra­ße 68, 02742 Frie­ders­dorf, Ger­ma­ny (her­ein­af­ter “All-Inkl”). For details, plea­se visit the pri­va­cy poli­cy of All-Inkl: https://all-inkl.com/datenschutzinformationen/.

The use of All-Inkl is based on Art. 6(1)(f) GDPR. We have a legi­ti­ma­te inte­rest in the most relia­ble repre­sen­ta­ti­on of our web­site. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data pro­ces­sing

We have con­cluded a data pro­ces­sing agree­ment (DPA) for the use of the abo­ve-men­tio­ned ser­vice. This is a con­tract man­da­ted by data pri­va­cy laws that gua­ran­tees that they pro­cess per­so­nal data of our web­site visi­tors only based on our ins­truc­tions and in com­pli­ance with the GDPR.

3. Gene­ral infor­ma­ti­on and man­da­to­ry infor­ma­ti­on

Data pro­tec­tion

The ope­ra­tors of this web­site and its pages take the pro­tec­tion of your per­so­nal data very serious­ly. Hence, we hand­le your per­so­nal data as con­fi­den­ti­al infor­ma­ti­on and in com­pli­ance with the sta­tu­to­ry data pro­tec­tion regu­la­ti­ons and this Data Pro­tec­tion Decla­ra­ti­on.

When­ever you use this web­site, a varie­ty of per­so­nal infor­ma­ti­on will be coll­ec­ted. Per­so­nal data com­pri­ses data that can be used to per­so­nal­ly iden­ti­fy you. This Data Pro­tec­tion Decla­ra­ti­on explains which data we coll­ect as well as the pur­po­ses we use this data for. It also explains how, and for which pur­po­se the infor­ma­ti­on is coll­ec­ted.

We here­wi­th advi­se you that the trans­mis­si­on of data via the Inter­net (i.e., through e‑mail com­mu­ni­ca­ti­ons) may be pro­ne to secu­ri­ty gaps. It is not pos­si­ble to com­ple­te­ly pro­tect data against third-par­ty access.

Infor­ma­ti­on about the respon­si­ble par­ty (refer­red to as the “con­trol­ler” in the GDPR)

The data pro­ces­sing con­trol­ler on this web­site is:

Hotel Grup­pe Braunfels GmbH
Johan­na Arnold
Am Kur­park 11
35619 Braunfels

Pho­ne: +49 6442 3050
E‑mail: willkommen@hotel-gruppe-braunfels.de

The con­trol­ler is the natu­ral per­son or legal enti­ty that sin­gle-han­dedly or joint­ly with others makes decis­i­ons as to the pur­po­ses of and resour­ces for the pro­ces­sing of per­so­nal data (e.g., names, e‑mail addres­ses, etc.).

Sto­rage dura­ti­on

Unless a more spe­ci­fic sto­rage peri­od has been spe­ci­fied in this pri­va­cy poli­cy, your per­so­nal data will remain with us until the pur­po­se for which it was coll­ec­ted no lon­ger appli­es. If you assert a jus­ti­fied request for dele­ti­on or revo­ke your con­sent to data pro­ces­sing, your data will be dele­ted, unless we have other legal­ly per­mis­si­ble reasons for sto­ring your per­so­nal data (e.g., tax or com­mer­cial law reten­ti­on peri­ods); in the lat­ter case, the dele­ti­on will take place after the­se reasons cea­se to app­ly.

Gene­ral infor­ma­ti­on on the legal basis for the data pro­ces­sing on this web­site

If you have con­sen­ted to data pro­ces­sing, we pro­cess your per­so­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cate­go­ries of data are pro­ces­sed accor­ding to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­so­nal data to third count­ries, the data pro­ces­sing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the sto­rage of coo­kies or to the access to infor­ma­ti­on in your end device (e.g., via device fin­ger­prin­ting), the data pro­ces­sing is addi­tio­nal­ly based on § 25 (1) TDDDG. The con­sent can be revo­ked at any time. If your data is requi­red for the ful­fill­ment of a con­tract or for the imple­men­ta­ti­on of pre-con­trac­tu­al mea­su­res, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­mo­re, if your data is requi­red for the ful­fill­ment of a legal obli­ga­ti­on, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­mo­re, the data pro­ces­sing may be car­ri­ed out on the basis of our legi­ti­ma­te inte­rest accor­ding to Art. 6(1)(f) GDPR. Infor­ma­ti­on on the rele­vant legal basis in each indi­vi­du­al case is pro­vi­ded in the fol­lo­wing para­graphs of this pri­va­cy poli­cy.

Reci­pi­ents of per­so­nal data

In the scope of our busi­ness acti­vi­ties, we coope­ra­te with various exter­nal par­ties. In some cases, this also requi­res the trans­fer of per­so­nal data to the­se exter­nal par­ties. We only dis­c­lo­se per­so­nal data to exter­nal par­ties if this is requi­red as part of the ful­fill­ment of a con­tract, if we are legal­ly obli­ga­ted to do so (e.g., dis­clo­sure of data to tax aut­ho­ri­ties), if we have a legi­ti­ma­te inte­rest in the dis­clo­sure pur­su­ant to Art. 6 (1)(f) GDPR, or if ano­ther legal basis per­mits the dis­clo­sure of this data. When using pro­ces­sors, we only dis­c­lo­se per­so­nal data of our cus­to­mers on the basis of a valid con­tract on data pro­ces­sing. In the case of joint pro­ces­sing, a joint pro­ces­sing agree­ment is con­cluded.

Revo­ca­ti­on of your con­sent to the pro­ces­sing of data

A wide ran­ge of data pro­ces­sing tran­sac­tions are pos­si­ble only sub­ject to your express con­sent. You can also revo­ke at any time any con­sent you have alre­a­dy given us. This shall be wit­hout pre­ju­di­ce to the lawful­ness of any data coll­ec­tion that occur­red pri­or to your revo­ca­ti­on.

Right to object to the coll­ec­tion of data in spe­cial cases; right to object to direct adver­ti­sing (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a com­plaint with the com­pe­tent super­vi­so­ry agen­cy

In the event of vio­la­ti­ons of the GDPR, data sub­jects are entit­led to log a com­plaint with a super­vi­so­ry agen­cy, in par­ti­cu­lar in the mem­ber sta­te whe­re they usual­ly main­tain their domic­i­le, place of work or at the place whe­re the alle­ged vio­la­ti­on occur­red. The right to log a com­plaint is in effect regard­less of any other admi­nis­tra­ti­ve or court pro­cee­dings available as legal recour­ses.

Right to data por­ta­bi­li­ty

You have the right to have data that we pro­cess auto­ma­ti­cal­ly on the basis of your con­sent or in ful­fill­ment of a con­tract han­ded over to you or to a third par­ty in a com­mon, machi­ne-rea­da­ble for­mat. If you should demand the direct trans­fer of the data to ano­ther con­trol­ler, this will be done only if it is tech­ni­cal­ly fea­si­ble.

Infor­ma­ti­on about, rec­ti­fi­ca­ti­on and era­di­ca­ti­on of data

Within the scope of the appli­ca­ble sta­tu­to­ry pro­vi­si­ons, you have the right to demand infor­ma­ti­on about your archi­ved per­so­nal data, their source and reci­pi­ents as well as the pur­po­se of the pro­ces­sing of your data at any time. You may also have a right to have your data rec­ti­fied or era­di­ca­ted. If you have ques­ti­ons about this sub­ject mat­ter or any other ques­ti­ons about per­so­nal data, plea­se do not hesi­ta­te to cont­act us at any time.

Right to demand pro­ces­sing rest­ric­tions

You have the right to demand the impo­si­ti­on of rest­ric­tions as far as the pro­ces­sing of your per­so­nal data is con­cer­ned. To do so, you may cont­act us at any time. The right to demand rest­ric­tion of pro­ces­sing appli­es in the fol­lo­wing cases:

  • In the event that you should dis­pu­te the cor­rect­ness of your data archi­ved by us, we will usual­ly need some time to veri­fy this cla­im. During the time that this inves­ti­ga­ti­on is ongo­ing, you have the right to demand that we rest­rict the pro­ces­sing of your per­so­nal data.
  • If the pro­ces­sing of your per­so­nal data was/is con­duc­ted in an unlawful man­ner, you have the opti­on to demand the rest­ric­tion of the pro­ces­sing of your data ins­tead of deman­ding the era­di­ca­ti­on of this data.
  • If we do not need your per­so­nal data any lon­ger and you need it to exer­cise, defend or cla­im legal entit­le­ments, you have the right to demand the rest­ric­tion of the pro­ces­sing of your per­so­nal data ins­tead of its era­di­ca­ti­on.
  • If you have rai­sed an objec­tion pur­su­ant to Art. 21(1) GDPR, your rights and our rights will have to be weig­hed against each other. As long as it has not been deter­mi­ned who­se inte­rests pre­vail, you have the right to demand a rest­ric­tion of the pro­ces­sing of your per­so­nal data.

If you have rest­ric­ted the pro­ces­sing of your per­so­nal data, the­se data – with the excep­ti­on of their archi­ving – may be pro­ces­sed only sub­ject to your con­sent or to cla­im, exer­cise or defend legal entit­le­ments or to pro­tect the rights of other natu­ral per­sons or legal enti­ties or for important public inte­rest reasons cited by the Euro­pean Uni­on or a mem­ber sta­te of the EU.

SSL and/or TLS encryp­ti­on

For secu­ri­ty reasons and to pro­tect the trans­mis­si­on of con­fi­den­ti­al con­tent, such as purcha­se orders or inqui­ries you sub­mit to us as the web­site ope­ra­tor, this web­site uses eit­her an SSL or a TLS encryp­ti­on pro­gram. You can reco­gni­ze an encrypt­ed con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the brow­ser line.

If the SSL or TLS encryp­ti­on is acti­va­ted, data you trans­mit to us can­not be read by third par­ties.

Encrypt­ed pay­ment tran­sac­tions on this web­site

If you are under an obli­ga­ti­on to share your pay­ment infor­ma­ti­on (e.g. account num­ber if you give us the aut­ho­ri­ty to debit your bank account) with us after you have ente­red into a fee-based con­tract with us, this infor­ma­ti­on is requi­red to pro­cess pay­ments.

Pay­ment tran­sac­tions using com­mon modes of pay­ing (Visa/MasterCard, debit to your bank account) are pro­ces­sed exclu­si­ve­ly via encrypt­ed SSL or TLS con­nec­tions. You can reco­gni­ze an encrypt­ed con­nec­tion by che­cking whe­ther the address line of the brow­ser swit­ches from “http://” to “https://” and also by the appearance of the lock icon in the brow­ser line.

If the com­mu­ni­ca­ti­on with us is encrypt­ed, third par­ties will not be able to read the pay­ment infor­ma­ti­on you share with us.

Rejec­tion of unso­li­ci­ted e‑mails

We here­wi­th object to the use of cont­act infor­ma­ti­on published in con­junc­tion with the man­da­to­ry infor­ma­ti­on to be pro­vi­ded in our Site Noti­ce to send us pro­mo­tio­nal and infor­ma­ti­on mate­ri­al that we have not express­ly reques­ted. The ope­ra­tors of this web­site and its pages reser­ve the express right to take legal action in the event of the unso­li­ci­ted sen­ding of pro­mo­tio­nal infor­ma­ti­on, for ins­tance via SPAM mes­sa­ges.

4. Recor­ding of data on this web­site

Coo­kies

Our web­sites and pages use what the indus­try refers to as “coo­kies.” Coo­kies are small data packa­ges that do not cau­se any dama­ge to your device. They are eit­her stored tem­po­r­a­ri­ly for the dura­ti­on of a ses­si­on (ses­si­on coo­kies) or they are per­ma­nent­ly archi­ved on your device (per­ma­nent coo­kies). Ses­si­on coo­kies are auto­ma­ti­cal­ly dele­ted once you ter­mi­na­te your visit. Per­ma­nent coo­kies remain archi­ved on your device until you actively dele­te them, or they are auto­ma­ti­cal­ly era­di­ca­ted by your web brow­ser.

Coo­kies can be issued by us (first-par­ty coo­kies) or by third-par­ty com­pa­nies (so-cal­led third-par­ty coo­kies). Third-par­ty coo­kies enable the inte­gra­ti­on of cer­tain ser­vices of third-par­ty com­pa­nies into web­sites (e.g., coo­kies for hand­ling pay­ment ser­vices).

Coo­kies have a varie­ty of func­tions. Many coo­kies are tech­ni­cal­ly essen­ti­al sin­ce cer­tain web­site func­tions would not work in the absence of the­se coo­kies (e.g., the shop­ping cart func­tion or the dis­play of vide­os). Other coo­kies may be used to ana­ly­ze user beha­vi­or or for pro­mo­tio­nal pur­po­ses.

Coo­kies, which are requi­red for the per­for­mance of elec­tro­nic com­mu­ni­ca­ti­on tran­sac­tions, for the pro­vi­si­on of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or tho­se that are neces­sa­ry for the opti­miza­ti­on (requi­red coo­kies) of the web­site (e.g., coo­kies that pro­vi­de mea­sura­ble insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fe­rent legal basis is cited. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the sto­rage of requi­red coo­kies to ensu­re the tech­ni­cal­ly error-free and opti­mi­zed pro­vi­si­on of the operator’s ser­vices. If your con­sent to the sto­rage of the coo­kies and simi­lar reco­gni­ti­on tech­no­lo­gies has been reques­ted, the pro­ces­sing occurs exclu­si­ve­ly on the basis of the con­sent obtai­ned (Art. 6(1)(a) GDPR and § 25 (1) TDDDG); this con­sent may be revo­ked at any time.

You have the opti­on to set up your brow­ser in such a man­ner that you will be noti­fied any time coo­kies are pla­ced and to per­mit the accep­tance of coo­kies only in spe­ci­fic cases. You may also exclude the accep­tance of coo­kies in cer­tain cases or in gene­ral or acti­va­te the dele­te-func­tion for the auto­ma­tic era­di­ca­ti­on of coo­kies when the brow­ser clo­ses. If coo­kies are deac­ti­va­ted, the func­tions of this web­site may be limi­t­ed.

Which coo­kies and ser­vices are used on this web­site can be found in this pri­va­cy poli­cy.

Con­sent with Borlabs Coo­kie

Our web­site uses the Borlabs con­sent tech­no­lo­gy to obtain your con­sent to the sto­rage of cer­tain coo­kies in your brow­ser or for the use of cer­tain tech­no­lo­gies and for their data pri­va­cy pro­tec­tion com­pli­ant docu­men­ta­ti­on. The pro­vi­der of this tech­no­lo­gy is Borlabs GmbH, Rüben­kamp 32, 22305 Ham­burg, Ger­ma­ny (her­ein­af­ter refer­red to as Borlabs).

When­ever you visit our web­site, a Borlabs coo­kie will be stored in your brow­ser, which archi­ves any decla­ra­ti­ons or revo­ca­ti­ons of con­sent you have ente­red. The­se data are not shared with the pro­vi­der of the Borlabs tech­no­lo­gy.

The recor­ded data shall remain archi­ved until you ask us to era­di­ca­te them, dele­te the Borlabs coo­kie on your own or the pur­po­se of sto­ring the data no lon­ger exists. This shall be wit­hout pre­ju­di­ce to any reten­ti­on obli­ga­ti­ons man­da­ted by law. To review the details of Borlabs’ data pro­ces­sing poli­ci­es, plea­se visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs coo­kie con­sent tech­no­lo­gy to obtain the decla­ra­ti­ons of con­sent man­da­ted by law for the use of coo­kies. The legal basis for the use of such coo­kies is Art. 6(1)© GDPR.

Ser­ver log files

The pro­vi­der of this web­site and its pages auto­ma­ti­cal­ly coll­ects and stores infor­ma­ti­on in so-cal­led ser­ver log files, which your brow­ser com­mu­ni­ca­tes to us auto­ma­ti­cal­ly. The infor­ma­ti­on com­pri­ses:

  • The type and ver­si­on of brow­ser used
  • The used ope­ra­ting sys­tem
  • Refer­rer URL
  • The host­na­me of the acces­sing com­pu­ter
  • The time of the ser­ver inquiry
  • The IP address

This data is not mer­ged with other data sources.

This data is recor­ded on the basis of Art. 6(1)(f) GDPR. The ope­ra­tor of the web­site has a legi­ti­ma­te inte­rest in the tech­ni­cal­ly error free depic­tion and the opti­miza­ti­on of the operator’s web­site. In order to achie­ve this, ser­ver log files must be recor­ded.

Cont­act form

If you sub­mit inqui­ries to us via our cont­act form, the infor­ma­ti­on pro­vi­ded in the cont­act form as well as any cont­act infor­ma­ti­on pro­vi­ded the­r­ein will be stored by us in order to hand­le your inquiry and in the event that we have fur­ther ques­ti­ons. We will not share this infor­ma­ti­on wit­hout your con­sent.

The pro­ces­sing of the­se data is based on Art. 6(1)(b) GDPR, if your request is rela­ted to the exe­cu­ti­on of a con­tract or if it is neces­sa­ry to car­ry out pre-con­trac­tu­al mea­su­res. In all other cases the pro­ces­sing is based on our legi­ti­ma­te inte­rest in the effec­ti­ve pro­ces­sing of the requests addres­sed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been reques­ted; the con­sent can be revo­ked at any time.

The infor­ma­ti­on you have ente­red into the cont­act form shall remain with us until you ask us to era­di­ca­te the data, revo­ke your con­sent to the archi­ving of data or if the pur­po­se for which the infor­ma­ti­on is being archi­ved no lon­ger exists (e.g., after we have con­cluded our respon­se to your inquiry). This shall be wit­hout pre­ju­di­ce to any man­da­to­ry legal pro­vi­si­ons, in par­ti­cu­lar reten­ti­on peri­ods.

Request by e‑mail, tele­pho­ne, or fax

If you cont­act us by e‑mail, tele­pho­ne or fax, your request, inclu­ding all resul­ting per­so­nal data (name, request) will be stored and pro­ces­sed by us for the pur­po­se of pro­ces­sing your request. We do not pass the­se data on wit­hout your con­sent.

The­se data are pro­ces­sed on the basis of Art. 6(1)(b) GDPR if your inquiry is rela­ted to the ful­fill­ment of a con­tract or is requi­red for the per­for­mance of pre-con­trac­tu­al mea­su­res. In all other cases, the data are pro­ces­sed on the basis of our legi­ti­ma­te inte­rest in the effec­ti­ve hand­ling of inqui­ries sub­mit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your con­sent (Art. 6(1)(a) GDPR) if it has been obtai­ned; the con­sent can be revo­ked at any time.

The data sent by you to us via cont­act requests remain with us until you request us to dele­te, revo­ke your con­sent to the sto­rage or the pur­po­se for the data sto­rage lap­ses (e.g. after com­ple­ti­on of your request). Man­da­to­ry sta­tu­to­ry pro­vi­si­ons — in par­ti­cu­lar sta­tu­to­ry reten­ti­on peri­ods — remain unaf­fec­ted.

5. Ana­ly­sis tools and adver­ti­sing

Goog­le Tag Mana­ger

We use the Goog­le Tag Mana­ger. The pro­vi­der is Goog­le Ire­land Limi­t­ed, Gor­don House, Bar­row Street, Dub­lin 4, Ire­land

The Goog­le Tag Mana­ger is a tool that allows us to inte­gra­te track­ing or sta­tis­ti­cal tools and other tech­no­lo­gies on our web­site. The Goog­le Tag Mana­ger its­elf does not crea­te any user pro­files, does not store coo­kies, and does not car­ry out any inde­pen­dent ana­ly­ses. It only mana­ges and runs the tools inte­gra­ted via it. Howe­ver, the Goog­le Tag Mana­ger does coll­ect your IP address, which may also be trans­fer­red to Google’s parent com­pa­ny in the United Sta­tes.

The Goog­le Tag Mana­ger is used on the basis of Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the quick and uncom­pli­ca­ted inte­gra­ti­on and admi­nis­tra­ti­on of various tools on his web­site. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

Goog­le Ana­ly­tics

This web­site uses func­tions of the web ana­ly­sis ser­vice Goog­le Ana­ly­tics. The pro­vi­der of this ser­vice is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

Goog­le Ana­ly­tics enables the web­site ope­ra­tor to ana­ly­ze the beha­vi­or pat­terns of web­site visi­tors. To that end, the web­site ope­ra­tor recei­ves a varie­ty of user data, such as pages acces­sed, time spent on the page, the uti­li­zed ope­ra­ting sys­tem and the user’s ori­gin. This data is assi­gned to the respec­ti­ve end device of the user. An assign­ment to a user-ID does not take place.

Fur­ther­mo­re, Goog­le Ana­ly­tics allows us to record your mou­se and scroll move­ments and clicks, among other things. Goog­le Ana­ly­tics uses various mode­ling approa­ches to aug­ment the coll­ec­ted data sets and uses machi­ne lear­ning tech­no­lo­gies in data ana­ly­sis.

Goog­le Ana­ly­tics uses tech­no­lo­gies that make the reco­gni­ti­on of the user for the pur­po­se of ana­ly­zing the user beha­vi­or pat­terns (e.g., coo­kies or device fin­ger­prin­ting). The web­site use infor­ma­ti­on recor­ded by Goog­le is, as a rule trans­fer­red to a Goog­le ser­ver in the United Sta­tes, whe­re it is stored.

The use of the­se ser­vices occurs on the basis of your con­sent pur­su­ant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revo­ke your con­sent at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

IP anony­miza­ti­on

Goog­le Ana­ly­tics IP anony­miza­ti­on is acti­ve. As a result, your IP address will be abbre­via­ted by Goog­le within the mem­ber sta­tes of the Euro­pean Uni­on or in other sta­tes that have rati­fied the Con­ven­ti­on on the Euro­pean Eco­no­mic Area pri­or to its trans­mis­si­on to the United Sta­tes. The full IP address will be trans­mit­ted to one of Google’s ser­vers in the United Sta­tes and abbre­via­ted the­re only in excep­tio­nal cases. On behalf of the ope­ra­tor of this web­site, Goog­le shall use this infor­ma­ti­on to ana­ly­ze your use of this web­site to gene­ra­te reports on web­site acti­vi­ties and to ren­der other ser­vices to the ope­ra­tor of this web­site that are rela­ted to the use of the web­site and the Inter­net. The IP address trans­mit­ted in con­junc­tion with Goog­le Ana­ly­tics from your brow­ser shall not be mer­ged with other data in Google’s pos­ses­si­on.

Brow­ser plug-in

You can pre­vent the recor­ding and pro­ces­sing of your data by Goog­le by down­loa­ding and instal­ling the brow­ser plug­in available under the fol­lo­wing link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­ti­on about the hand­ling of user data by Goog­le Ana­ly­tics, plea­se con­sult Google’s Data Pri­va­cy Decla­ra­ti­on at: https://support.google.com/analytics/answer/6004245?hl=en.

Con­tract data pro­ces­sing

We have exe­cu­ted a con­tract data pro­ces­sing agree­ment with Goog­le and are imple­men­ting the strin­gent pro­vi­si­ons of the Ger­man data pro­tec­tion agen­ci­es to the ful­lest when using Goog­le Ana­ly­tics.

Mato­mo

This web­site uses the open-source web ana­ly­sis ser­vice Mato­mo.

Through Mato­mo, we are able to coll­ect and ana­ly­ze data on the use of our web­site-by-web­site visi­tors. This enables us to find out, for ins­tance, when which page views occur­red and from which regi­on they came. In addi­ti­on, we coll­ect various log files (e.g. IP address, refer­rer, brow­ser, and ope­ra­ting sys­tem used) and can mea­su­re whe­ther our web­site visi­tors per­form cer­tain actions (e.g. clicks, purcha­ses, etc.).

The use of this ana­ly­sis tool is based on Art. 6(1)(f) GDPR. The web­site ope­ra­tor has a legi­ti­ma­te inte­rest in the ana­ly­sis of user pat­terns, in order to opti­mi­ze the operator’s web offe­rings and adver­ti­sing. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

IP anony­miza­ti­on

For ana­ly­sis with Mato­mo we use IP anony­miza­ti­on. Your IP address is shor­ten­ed befo­re the ana­ly­sis, so that it is no lon­ger cle­ar­ly assi­gnable to you.

Ana­ly­sis wit­hout coo­kies

We have con­fi­gu­red Mato­mo in such a way that Mato­mo will not store coo­kies in your brow­ser.

Hos­ting

We host Mato­mo exclu­si­ve­ly on our own ser­vers so that all ana­ly­sis data remains with us and is not pas­sed on.

6. Plug-ins and Tools

Goog­le Maps

This web­site uses the map­ping ser­vice Goog­le Maps. The pro­vi­der is Goog­le Ire­land Limi­t­ed (“Goog­le”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land. With the means of this ser­vice, we can inte­gra­te map mate­ri­al on our web­site.

To enable the use of the Goog­le Maps fea­tures, your IP address must be stored. As a rule, this infor­ma­ti­on is trans­fer­red to one of Google’s ser­vers in the United Sta­tes, whe­re it is archi­ved. The ope­ra­tor of this web­site has no con­trol over the data trans­fer. In case Goog­le Maps has been acti­va­ted, Goog­le has the opti­on to use Goog­le Fonts for the pur­po­se of the uni­form depic­tion of fonts. When you access Goog­le Maps, your brow­ser will load the requi­red web fonts into your brow­ser cache, to cor­rect­ly dis­play text and fonts.

We use Goog­le Maps to pre­sent our online con­tent in an appe­al­ing man­ner and to make the loca­ti­ons dis­c­lo­sed on our web­site easy to find. This con­sti­tu­tes a legi­ti­ma­te inte­rest as defi­ned in Art. 6(1)(f) GDPR. If appro­pria­te con­sent has been obtai­ned, the pro­ces­sing is car­ri­ed out exclu­si­ve­ly on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the con­sent includes the sto­rage of coo­kies or the access to infor­ma­ti­on in the user’s end device (e.g., device fin­ger­prin­ting) within the mea­ning of the TDDDG. This con­sent can be revo­ked at any time.

Data trans­mis­si­on to the US is based on the Stan­dard Con­trac­tu­al Clau­ses (SCC) of the Euro­pean Com­mis­si­on. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more infor­ma­ti­on on the hand­ling of user data, plea­se review Google’s Data Pri­va­cy Decla­ra­ti­on under: https://policies.google.com/privacy?hl=en.

The com­pa­ny is cer­ti­fied in accordance with the “EU-US Data Pri­va­cy Frame­work” (DPF). The DPF is an agree­ment bet­ween the Euro­pean Uni­on and the US, which is inten­ded to ensu­re com­pli­ance with Euro­pean data pro­tec­tion stan­dards for data pro­ces­sing in the US. Every com­pa­ny cer­ti­fied under the DPF is obli­ged to com­ply with the­se data pro­tec­tion stan­dards. For more infor­ma­ti­on, plea­se cont­act the pro­vi­der under the fol­lo­wing link: https://www.dataprivacyframework.gov/participant/5780.

7. eCom­mer­ce and pay­ment ser­vice pro­vi­ders

Pro­ces­sing of Cus­to­mer and Con­tract Data

We coll­ect, pro­cess, and use per­so­nal cus­to­mer and con­tract data for the estab­lish­ment, con­tent arran­ge­ment and modi­fi­ca­ti­on of our con­trac­tu­al rela­ti­onships. Data with per­so­nal refe­ren­ces to the use of this web­site (usa­ge data) will be coll­ec­ted, pro­ces­sed, and used only if this is neces­sa­ry to enable the user to use our ser­vices or requi­red for bil­ling pur­po­ses. The legal basis for the­se pro­ces­ses is Art. 6(1)(b) GDPR.

The coll­ec­ted cus­to­mer data shall be dele­ted upon com­ple­ti­on of the order or ter­mi­na­ti­on of the busi­ness rela­ti­onship and upon expi­ra­ti­on of any exis­ting sta­tu­to­ry archi­ving peri­ods. This shall be wit­hout pre­ju­di­ce to any sta­tu­to­ry archi­ving peri­ods.

Data trans­fer upon clo­sing of con­tracts for ser­vices and digi­tal con­tent

We share per­so­nal data with third par­ties only if this is neces­sa­ry in con­junc­tion with the hand­ling of the con­tract; for ins­tance, with the finan­cial insti­tu­ti­on tas­ked with the pro­ces­sing of pay­ments.

Any fur­ther trans­fer of data shall not occur or shall only occur if you have express­ly con­sen­ted to the trans­fer. Any sha­ring of your data with third par­ties in the absence of your express con­sent, for ins­tance for adver­ti­sing pur­po­ses, shall not occur.

The basis for the pro­ces­sing of data is Art. 6(1)(b) GDPR, which per­mits the pro­ces­sing of data for the ful­film­ent of a con­tract or for pre-con­trac­tu­al actions.