Data protection Sporthotel Grafenwald
Owner: Ferienpark Daun GmbH & Co. KG Vulkaneifel
1. PRIVACY AND DATA PROTECTION
Below we inform you about how your personal data is handled when using our website (https://www.sporthotel-grafenwald.de) and our booking engine https://onepagebooking.com/sporthotel-grafenwald and Online Shop (http://www.vbooking.com/sporthotel-grafenwald). Personal information is any data by which you could be personally identified. Of course, you can object to the use of your data at any time, unless this data is necessary to process a contractual relationship. If you wish to object to the use of your data, simply send an email to: firstname.lastname@example.org.
Dipl. Benno Maubach (BA Economics)
Im Grafenwald 1
Data protection officer:
Mr. Alexander Schulz
KARST IT GmbH
Am Stadtgraben 3
Telephone: 02632 94 59 -0
For security reasons and to protect the transmission of personal data, our website uses SSL encryption. You can recognise an encrypted connection by the character string "https://".
From 25.05.2018, the legal basis of data protection can be found in the General Data Protection Regulation (GDPR).
We collect and store data for marketing and optimisation purposes. This concerns, for example, data on the website from which you have accessed our service (e.g. via advertising banners) and which websites you have visited within our offer. For this purpose, „coo- kies“ (see point 5) or pixel-code techniques can be used, which, however, only collect and store data. When you visit our website, the IP address of your computer, the date and time of your visit, browser type, pages visited and the operating system are stored. This data is evaluated exclusively for statistical purposes in anonymous form without specific personal reference. No user or behaviour profiles or similar are created. The legal basis for data processing is Art. 6 para. 1 clause 1 letter f) GDPR. Our legitimate interest follows from the above-mentioned purposes.
You can lodge an objection against the processing. You have the right to object on grounds relating to your particular situation. To lodge an objection, please send an email to email@example.com.
We use temporary cookies, also called "session cookies", for the duration of your visit to our website in order to make using our offering more pleasant for you. They only contain purely technical information and no personal data. They are automatically removed when you leave our website. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR.
Furthermore, we use permanent cookies with a limited lifetime in order to analyse the use of our Internet pages and marketing campaigns, and to optimise the user-friendliness of our service for you. This data that is processed by means of cookies is processed on the basis of your consent, in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. This homepage has a query function for obtaining your consent – also known as the Consent Management Platform (CMP for short). However, if you later want to prevent the use of permanent cookies, you have the option to delete them in your browser. To find out how this works on the browser you are using, please use the browser‘s help function or contact the supplier. However, we recommend that you leave the cookie functions switched on, as this is the only way to make all the convenience functions available to you.
Change consent to cookies and external resources
You can see the list of cookies we use
7. USE OF YOUR PERSONAL DATA
Personal data is information which can identify a person, i.e. information that can be traced back to a person. This includes their name, email address, or telephone number. Personal data also includes data on preferences, hobbies, memberships, or which websites were viewed by someone.
Personal data will only be collected, used, and passed on by the provider if this is permitted by law or if the user consents to the data collection.
When you make a reservation request using the contact form on our website, your details will be stored for the purpose of processing your request and in the event that any follow-up questions arise. Your email with the contact data will be archived in our digital repository. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 clause 1 letter a) or b) GDPR on the basis of your voluntary consent.
If you use the feedback contact form on our website, your details will only be saved for processing if you wish to receive a reply by email. Your email with the contact data will be archived in our digital repository. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 clause 1 letter a) GDPR on the basis of your voluntary consent.
REQUEST A BROCHURE
By using the contact form to request brochures via our website, your details are stored for the purpose of processing the request and further processing for sending brochures by post. Your email with the contact data will be archived in our digital repository. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 clause 1 letter a) GDPR on the basis of your voluntary consent.
COMMENTS AND POSTS
If you leave comments, ratings or other posts, your IP addresses will be stored. This is done for the legal protection of Ferienpark Daun GmbH & Co KG Vulkaneifel, in the event that comments contain illegal content (insults, forbidden political propaganda, etc.). In this case, Ferienpark Daun GmbH & Co KG Vulkaneifel could themselves be prosecuted for the comment and therefore has a legitimate interest in the identity of the author within the meaning of Art. 6 para. 1 clause 1 letter f) GDPR.
The personal data that you communicate to us via a website (e.g. your name and address or email address) is only used for correspon- dence purposes and only processed for the purpose for which you have made the data available to us. Furthermore, we will only use this data for occasionally sending further information on certain offers, products or other services on our part if you have given your explicit prior consent. You may revoke this consent at any time in the future: send an email to firstname.lastname@example.org.
INTEGRATION OF SERVICES AND CONTENT FROM THIRD PARTIES
It may be the case that third-party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites, is integrated within the offering of our website in order to make the use of our website even more convenient for you. This always requires you to have given your prior consent to this via the CMS query.
The providers of this content (hereinafter referred to as "third-party providers") require the user's IP address. This is because they would not be able to transmit the content to each user's browser without the IP address. This means that if you do not give your consent to this, these features will not be available to you. Data processing is based on Art. 6 para. 1 clause 1 letter f) GDPR. We strive only to use content from providers who use the IP address to deliver content, and for nothing else. However, we have no influence over whether the third party provider might save the IP address, e.g. for statistical purposes. If we know of any such usage, we notify the user.
8. GOOGLE ANALYTICS AND GOOGLE ADWORDS
This website uses Google Analytics, a web analysis service provided by Google Inc. („Google“). This use includes „Universal Analytics“ operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyse user‘s activities across devices. This data protection notice is provided by www.intersoft-consulting.de. This evaluation will only take place if you have given your consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. Your consent is obtained via the CMS query. “In addition, we would like to point out that the Privacy Shield solution was classified as unlawful by the European Court of Justice in its judgment of July 16, 2020 (Az: C-311/18). The Privacy Shield solution was the legal basis for data transmission and processing in the USA for a large number of US companies. As a result of its omission, the legal basis is your consent in accordance with Art. 49 Para. 1 a) of the GDPR. We would like to point out that there are currently no suitable guarantees (Art. 46 GDPR) or an adequacy decision (Art. 45 GDPR) for the transfer of data to the USA and that there is a risk for you and your personal data."
Purpose of processing:
On behalf of the operator of this website, Google will use this information to evaluate your use of the website in order to compile reports on the activities of the website and to provide further services relating to the use of the website and the internet usage vis-a-vis the operator of the website.
Recipient / categories of recipients:
The recipient of the data collected is Google.
Duration of data retention:
The data sent by us and linked with cookies, user IDs or advertising IDs is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.
Rights of data subjects:
You can revoke your consent at any time with future effect by preventing the storage of cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.
Furthermore, you can prevent the collection of data generated by the cookie and related to the usage of the website (including your IP address) and the processing of the data by Google by downloading and installing the browser plugin.
We also use the online advertising program „Google AdWords“ and the conversion tracking of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“) within the framework of Google AdWords, to statistically record and evaluate the use of our website for the purpose of optimising our website. With the help of Google Adwords, advertisements (Google Adwords) are placed on external websites in order to draw attention to our offers. Based on the data from the advertising campaigns, we determine how successful the individual advertising measures are.
The cookie for conversion tracking is set when a user clicks on an ad placed by Google. Cookies are small text files which are saved on your computer system. These cookies expire after 30 days and are not used for personal identification. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page. Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an Adwords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted into conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users.
Participation in this will only take place if you have given your prior consent to this via the CMS query. You can also block such usage by deactivating the Google Conversion Tracking cookie via your internet browser under the user settings. You will then not be included in the Conversion Tracking statistics. We only use Google Adwords on our homepage with your consent, in accordance with Art. 6 para. 1 lit. a) GDPR.
“In addition, we would like to point out that the Privacy Shield solution was classified as unlawful by the European Court of Justice in its judgment of July 16, 2020 (Az: C-311/18). The Privacy Shield solution was the legal basis for data transmission and processing in the USA for a large number of US companies. As a result of its omission, the legal basis is your consent in accordance with Art. 49 Para. 1 a) of the GDPR. We would like to point out that there are currently no suitable guarantees (Art. 46 GDPR) or an adequacy decision (Art. 45 GDPR) for the transfer of data to the USA and that there is a risk for you and your personal data."
The following website provides more information about Google‘s privacy policies: http://www.google.de/policies/privacy/
You can permanently deactivate cookies for advertising preferences by preventing them by setting your browser software accordingly or by downloading and installing the browser plug-in available under the following link: http://www.google.com/settings/ads/plugin?hl=en
SUBSCRIBING TO THE EMAIL NEWSLETTER
If you subscribe to our newsletter, we will send you information about the hotel, holiday park, and products or news on the company approx. once a month. Only your email address is mandatory information to subscribe to a newsletter. Any other further information is voluntary and is used to address you personally. We only send newsletters and emails on the basis of legal permission or with the consent of the recipient (e.g. written consent at check-in). For the registration of the newsletter we use the „Double-Opt-In“ procedure. This means that upon subscribing, you will receive an email requesting confirmation of the subscription. The confirmation is required to ensure that no one else can subscribe using your email address.
A record of subscriptions to the newsletter is kept to fulfil the legal requirements for recording the subscription process, Art 7 para. 1 GDPR. The record contains the time of subscription and confirmation as well as the relevant IP address, date and time.
10. ONLINE SHOP
For all orders placed in our online shop, the data you have entered will be processed automatically and sent to the shop operator Hotel Net Solutions (http://www.vbooking.com/sporthotel-grafenwald). In this connection, you will receive advertising information exclusively from the shop operator Hotel Net Solutions, HotelNetSolutions GmbH – Genthiner Str. 8 – 10785 Berlin. This data is not transferred to third parties. All data such as your credit card number, bank code, account number, name and address when paying with credit cards are transmitted via certified payment providers via their secure SSL line in compliance with PCI guidelines. This means that no unauthorised persons (according to the current technical status) can read the data you have entered during transmission on the Internet. The information is processed automatically. This data is not transferred to third parties.
11. YOUR RIGHTS
You have the right:
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may obtain in- formation about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if this has not been collected by us, and requires the existence of automated decision-making including profiling and, where appropriate, meaningful information about its detail;
- to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- according to Art. 18 GDPR to demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need this to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
- according to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another responsible person;
- in accordance with Art. 7 para. 3 GDPR, you can revoke your consent provided to us at any time. As a result, we will no longer be permitted to continue processing data based on this consent in the future.
- to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our headquarters.
The supervisory authority responsible for us:
Supervisory authority for data protection in the non-public area in Rhineland-Palatinate
The State Commissioner for Data Protection Rhineland-Pfalz
Hintere Bleiche 34, 55116 Mainz
If your personal data is processed based on legitimate interests in accordance with Art. 6 para. 1 clause 1 letter f) GDPR, you have the right in accordance with Art. 21 GDPR to object to your personal data being processed if there are reasons for this which arise from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation.
If you wish to exercise your right of revocation or objection, simply send an email to email@example.com.
For further questions, please contact the data protection officer of Ferienpark Daun GmbH & Co KG Vulkaneifel:
Last updated: 01. December 2020