Data protection & cookies
Data protection declaration and cookies
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally, e.g. your name and address, but also, for example, your Internet address (IP address) with which you are currently surfing the web. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Responsible body (responsible person)
The person responsible for data processing on this website and all integrated websites is:
Seehuus GmbH & Co. KG
Strandstraße 69
23669 Timmendorfer Strand/Niendorf
Phone: 04503 801260
Email: info@seehuus-hotel.de
Webseite: www.seehuus-hotel.de
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
Questions about data protection
If you have any questions about data protection with regard to our company or our websites, we will be happy to answer your questions at any time.
You can address your concerns to our data protection officer using the following contact details:
Data Protection Officer of Seehuus GmbH & Co. KG
c/o adasis GmbH
Am Kaiserkai 69
20457 Hamburg
Email: datenschutz@seehuus-hotel.de
Your Rights
You have the following rights with regard to personal data concerning you:
Right to information (Art. 15 EU EU GDPR.)
You have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing, incl. the use of your personal data. including a copy of the personal data that is the subject of the processing.
Right of rectification (Art. 16 EU GDPR)
Sie haben jederzeit das Recht, sie betreffende unrichtige personenbezogenen Daten berichtigen bzw. unvollständige personenbezogene Daten vervollständigen zu lassen.
Right to erasure (Art. 17 EU GDPR)
We will delete your personal data immediately,
– if you revoke your consent to lawful processing and there are no other legal grounds for storage.
– if you object to the processing. As long as the objection remains valid and the matter has not been clarified, your data will be blocked. You can withdraw your objection by giving your written consent.
– if they are no longer needed for the purposes for which they were collected or otherwise processed.
– if the processing is inadmissible for other legal reasons.
Right to restriction of processing (Art. 18 EU GDPR)
You have the right to restrict the processing of your personal data if
– You dispute the accuracy of your personal data for a period of time that allows us to verify its accuracy.
– the processing is unlawful, but you oppose the erasure of your personal data and request the restriction of its use instead of erasure.
– we no longer require your personal data for the purposes but need it to assert, exercise or defend legal claims.
– You have objected to the processing, but it is not yet clear whether our legitimate reasons outweigh your reasons.
You can remove the restriction by giving your written consent.
Right to data portability (Art. 20 EU GDPR)
You have the right to receive your personal data that you have provided to us or to transfer it to another controller if the conditions of Art. 20 para. if the requirements of Article 20 (1) (a) and (b) of the EU GDPR are met.
Right to object to processing (Art. 21 EU GDPR)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Article 6 (1) (e) or (f) of the EU GDPR; this also applies to profiling based on these provisions.
The controller shall no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated procedures using technical specifications.
Right to withdraw your consent (Art. 7 para. 3 EU GDPR)
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
Automated decision-making in individual cases, including profiling (Art. 22 EU GDPR)
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
This shall not apply if the decision
- is necessary for entering into or performing a contract between you and the controller,
- is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
- is based on your explicit consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9(1) EU GDPR, unless Art. 9 (2 )(a) or (g) EU GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
With regard to the cases referred to in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms of, and your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
Right to complain to a data protection supervisory authority (Art. 77 EU GDPR.)
You can contact the data protection supervisory authority responsible for you at any time with a complaint about the processing of your personal data carried out by us. A list of supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
If you wish to exercise one or more of your rights against us, please let us know. To do so, use the contact details listed in the section “Responsible party (responsible person)” or in the section “Questions about data protection”.
Assertion of data subject rights
If you, as the data subject, wish to assert one or more rights against the controller, you can contact the controller at any time. Please use the contact details provided in the section ‘Questions about data protection’.
Transfer of data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below.
We only share your personal data with third parties if:
- You have given us your express consent in accordance with Art. 6 (1) a EU GDPR,
- the transfer is permissible in accordance with Art. 6 (1) (f) EU GDPR to safeguard our legitimate interests and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
- in the event that there is a legal obligation to disclose the data in accordance with Art. 6 para. 1 lit. c EU GDPR, and
- this is legally permissible and necessary for the performance of contractual relationships with you in accordance with Art. 6 (1) b EU GDPR.
We sometimes use external service providers (known as processors) to process your data. These are carefully selected by us, are bound by our instructions, and are contractually obliged in accordance with Art. 28 GDPR or on the basis of the European Commission’s standard contractual clauses to take appropriate technical and organisational measures to protect your data. Order processing is carried out exclusively on the basis of a corresponding contract in order to ensure the protection of your personal data.
Data is transferred to third parties, namely service providers and their assistants, some of whom offer cloud-based software and data processing solutions for the hotel, and who process guest data on behalf of the hotel for the purpose of enabling and executing the guest’s booking; carrying out the guest’s stay; tailoring the stay to the guest’s wishes and interests; the possibility of offering services in line with the guest’s interests in the future; marketing in connection with the hotel’s services and improving the hotel’s services, such as guest reviews, evaluating and processing.
Within the scope of these processing operations and those described in the following privacy policy, personal data may be transferred to the United States. Companies in the United States only have an adequate level of data protection if they are certified under the EU-US Data Privacy Framework and thus subject to the adequacy decision of the EU Commission pursuant to Art. 45 EU GDPR. We have explicitly mentioned this in the privacy policy for the service providers concerned. In order to protect your data in all other cases, we have concluded agreements on order processing based on the standard contractual clauses of the European Commission. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent may be required in accordance with Art. 49 para. (1) a EU GDPR serves as the legal basis for transfers to third countries. This does not apply to data transfers to third countries for which the European Commission has issued an adequacy decision in accordance with Art. 45 EU GDPR.
Encryption
This website uses TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Hosting by UD Media
We host our website with UD Media GmbH, Kölner Straße 28, 41812 Erkelenz (hereinafter referred to as web host).
When you visit our website, your personal data (e.g. IP addresses in log files) is processed on the servers of our web host.
The use of our web host is based on Art. 6 (1) f EU GDPR. We have a legitimate interest in ensuring that our website is presented and provided in the most reliable manner possible and that it is secure.
We have concluded a contract for order processing (AVV) in accordance with Art. 28 EU GDPR with our web host. This is a contract required by data protection law, which ensures that our web host processes the personal data of our website visitors only in accordance with our instructions and in compliance with the EU GDPR.
Further information on our web host’s data protection regulations can be found at: https://udmedia.de/service/datenschutz/.
Server-Log Files
Our webspace provider automatically collects and stores information in so-called server log files. We collect and store the following data automatically transmitted to us by your browser:
– Browser type and version
– Operating system used
– Referrer URL (website from which you came to us)
– Host name of the accessing computer (IP address)
– Time of the server request
The temporary processing of the IP address by the system is necessary to technically enable delivery of the website to your computer. Processing of your IP address for the duration of the session is necessary for this. The legal basis is Art. 6 (1) (f) EU GDPR.
This data is not merged with other data sources. The storage is limited in time and only takes place for optimisation and to ensure the security of our IT systems.
Cloudflare
We use the Content Delivery Network (CDN) provided by Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (Cloudflare) to increase the security and delivery speed of our website. This is in line with our legitimate interest (Art. 6(1)(f) EU GDPR). A CDN is a network of servers distributed [worldwide] that is capable of delivering optimised content to website users. For this purpose, personal data may be processed in Cloudflare’s server log files.
Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 (1) (f) EU GDPR, as we do not operate a content delivery network ourselves.
You have the right to object to the processing. Whether the objection is successful must be determined by weighing up the interests involved.
The processing of the data specified in this section is not required by law or contract. The functionality of the website cannot be guaranteed without this processing.
Your personal data will be stored by Cloudflare for as long as necessary for the purposes described.
Further information on objection and removal options with regard to Cloudflare can be found at: Cloudflare DPA
Cloudflare is certified under the EU-US Data Privacy Framework. This means that an adequacy decision pursuant to Art. 45 EU GDPR has been issued, allowing the transfer of personal data without further guarantees or additional measures.
Cookies
Our website uses cookies. Cookies are small text files that are stored in the internet browser or by the internet browser on a user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is visited again.
Cookies are stored on your computer. Therefore, you have full control over the use of cookies. By selecting the appropriate technical settings in your internet browser, you can be notified before cookies are set and decide individually whether to accept them, as well as prevent the storage of cookies and transmission of the data they contain. Cookies that have already been saved can be deleted at any time. However, we would like to point out that you may not be able to use all functions of this website to their full extent.
You can find out how to manage (including disabling) cookies in the main browsers by following the links below:
Chrome: https://support.google.com/accounts/answer/61416?hl=de
Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac
Technically necessary cookies
Unless otherwise stated in the privacy policy below, we only use these technically necessary cookies for the purpose of making our website more user-friendly, effective and secure. Furthermore, cookies enable our systems to recognise your browser even after a page change and to offer you services. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognised even after a page change.
The use of cookies or comparable technologies is based on Section 25 (2) TDDDG. Your personal data is processed on the basis of Art. 6 (1) lit. (f) EU GDPR due to our overriding legitimate interest in ensuring the optimal functionality of the website and a user-friendly and effective design of our offering. You have the right to object to the processing of your personal data at any time on grounds relating to your particular situation.
Cookie Consent Manager (CCM19)
We use CCM19 to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Papoo Software & Media GmbH, Auguststr. 4, 53229 Bonn (hereinafter referred to as ‘CCM19’).
When you enter our website, a connection is established to the CCM19 servers in order to obtain your consent and other declarations regarding the use of cookies.
The following data is transmitted to the provider:
- Your IP address (which is also used to determine your country)
- the browser used
- the language used
- the website accessed
CCM19 then stores a cookie and local storage in your browser in order to be able to assign the consents you have given or their revocation. This cookie, ‘CCM_CONSENT’, is stored for one year.
The data collected in this way will be stored until you request us to delete it, delete the CCM19 cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. You can change consents you have already given and revoke your consent via the icon at the bottom right of your browser.
We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the EU GDPR.
We are legally obliged to obtain the required consent for the use of cookies and cookie-based applications that require consent. We use CCM19 to comply with this obligation. This also constitutes our legitimate interest pursuant to Art. 6(1) sentence 1 (f) EU GDPR.
Links to other websites
Our website may contain links to the websites of other providers. We cannot influence their compliance with data protection regulations, which is why our data protection declaration does not extend to them.
Contents of our website
Contact form
You can send us enquiries via a contact form on our website. In addition to mandatory fields, the contact form also contains optional fields.
We process the information you provide in the form, including the contact details you enter there, for the purpose of processing the enquiry. This data will not be passed on to third parties or processed for other purposes without your express consent. As soon as you send your request, the person responsible will receive an email with all this information so that he or she can process your request immediately.
The legal basis for processing is Art. 6 (1) (a) EU GDPR or Art. 6 (1) (b) EU GDPR if the purpose of establishing contact is to conclude a contract or take pre-contractual measures.
Voucher order
On our website we offer you the possibility to purchase various value vouchers.
We collect a wide range of data via the voucher order form, which we require for processing. This data will not be passed on to third parties or processed for other purposes without your express consent. As soon as you send your request, the person responsible will receive an email with all this information so that he or she can process your request immediately.
For the voucher order form, we use the online application provided by Jotform Ltd. (Jotform), 4 Embarcadero Centre, Suite 780, San Francisco CA 94111. The data is transferred to Jotform in the USA for processing. Jotform processes your personal data only on behalf of and on the instructions of the controller.
Jotform has submitted to the EU-U.S. Privacy Shield. For more information, please visit the following link: https://www.privacyshield.gov/welcome. To protect your data in the United States, we have entered into a data processing agreement with Jotform based on the European Commission’s standard contractual clauses to enable the transfer of your personal data to Jotform.
The legal basis for processing is Art. 6 (1) EU GDPR, as the request is aimed at the conclusion of a contract or pre-contractual measures.
Direct booking and availability check
On our website you have the possibility to book rooms and other additional services in our hotel directly or to enquire about availability. Alternatively, you can also send us a booking request directly by telephone or email. We collect, process and use your personal data provided during the booking process exclusively for the establishment, implementation and processing of the contractual relationship established by the booking and on the basis of the provisions of the Federal Registration Act (BMG). In addition, you can provide us with further information. These are based on a purely voluntary basis.
The hotel uses the direct booking system OnePageBooking from HotelNetSolutions GmbH, Genthiner Str. 8, 10785 Berlin, for online bookings. HotelNetSolutions GmbH acts in compliance with data protection regulations, which have been contractually agreed between the responsible party and the processor.
We use the revenue management system provided by Hotelpartner Deutschland GmbH
Steinstraße 27, 20095 Hamburg, Germany, to send reservation offers in response to booking enquiries made by telephone or email, as well as any other booking-related messages.
In order to ensure data protection compliance, we have concluded a contract with the processor for order processing in accordance with Article 28 of the EU GDPR.
We delete the data accruing in this context from our system after the storage is no longer required or restrict the processing if there are statutory retention obligations.
The legal basis for processing is Article 6 (1) (b) of the EU GDPR.
MEWS
We use MEWS services for reservation processing (including online bookings), customer management, fulfilling our contractual obligations to our customers, and optimising our internal processes. These services are provided by Mews Systems B.V., Wibautstraat 137D, Scalehub 2nd floor, 1097DN, Amsterdam, Netherlands.
The following personal data may be processed in connection with the use of MEWS PMS:
- Name, address, email address and telephone number
- Date of birth, gender and nationality
- Passport or ID card number
- Payment information (e.g. credit card details)
- Stay details (e.g. booking details, check-in/check-out dates)
- Preferences and communication protocols
- car registration number
- Company, tax number
- language
- IP address and technical information (e.g. browser type, operating system)
Processing purposes and legal bases:
- Fulfilment of a contract pursuant to Art. 6 (1) (b) GDPR: For processing bookings, check-in/check-out processes and other services.
- Compliance with legal obligations pursuant to Art. 6 (1) c GDPR: For example, to comply with tax law requirements.
- Legitimate interests pursuant to Art. 6 (1) f GDPR: To improve our service offering and user-friendliness.
Information about your rights can be found under ‘Your rights’ in this privacy policy.
Further information, in particular regarding the use of cookies and the transfer of data to third parties in connection with the use of MEWS services, can be found in the MEWS privacy policy: https://www.mews.com/privacy.
MEWS processes your personal data in accordance with the provisions of the GDPR.
Registration form
In accordance with Sections 29 and 30(1) and (2) of the Federal Registration Act (BMG), the hotel is obliged to provide a registration form for guests who are not German citizens and to ensure that it is correctly completed and signed. In order to comply with this obligation, the name, address, date of birth, nationality, date of arrival and departure, number of fellow travellers without German citizenship and the serial number of the recognised and valid passport or passport replacement document are transferred to the registration form in advance or upon arrival in accordance with Section 30 (2) Nos. 1-8 BMG. Any missing information will be added upon arrival. Failure to provide the data may result in accommodation not being provided. The statutory storage period for the registration form is one year in accordance with Section 30 (4) BMG.
For the purpose of collecting the spa and tourism tax and issuing the spa card (ostseecard), data is collected for all guests in accordance with Section 30 (2) Nos. 1-3 of the Federal Registration Act (BMG). The first and last names as well as the arrival and departure dates of all adult guests are recorded and corresponding registration forms are created. For guests who are not German citizens, additional data may also be collected in accordance with Section 30 (2) Nos. 1-8 BMG. The registration forms are created via the registration platform of the spa administration, operated by AVS Abrechnungs- und Verwaltungs-Service GmbH, Josephsplatz 8, 95444 Bayreuth. The data you provide when making a binding booking is automatically transmitted to the spa administration via AVS. The basis for processing is Section 10 (1) LMG Schleswig-Holstein.
Satisfaction survey
We also use the email address and name you provided when making your binding booking to send you an email with a satisfaction survey about your stay after you have left. You will either receive a link to a review form or be redirected to a public review portal at random. This survey is used exclusively to evaluate and improve our customer relations. This is also our legitimate interest. The legal basis is Art. 6 (1) f EU GDPR and Section 7(3) UWG.
If you do not wish this data to be used for the aforementioned purpose, you naturally have the right to object at any time in accordance with Art. 21 (3) EU GDPR in conjunction with Section 7 (3) UWG.
Wellness treatment
When you make appointments for wellness treatments, your name, length of stay and, if applicable, your telephone number will be processed. To carry out the treatments, we use the professional services of the spa team from our partner hotel Grand Hotel Seeschlösschen or, if necessary, another external service provider. The respective service provider will receive your name and, if applicable, your length of stay and telephone number for the purpose of making appointments.
The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f EU GDPR, as the request is aimed at the conclusion of a contract or pre-contractual measures.
Newsletter
If you have expressly consented in accordance with Art. 6 (1) (a) GDPR and registered for our newsletter, we will use your email address and any other personal data you have provided to send you our newsletter on a regular basis. To receive the newsletter, you must provide your email address and your first and last name. You can unsubscribe at any time via a link at the end of each newsletter. You can also send us an email at any time to unsubscribe (marketing@seehuus-hotel.de). After unsubscribing, your data will no longer be used for sending the newsletter.
We analyse our newsletter campaigns using Smarthost (a service provided by SMART Host GmbH, Am Kupfergraben 6 A, 10117 Berlin). This allows us to determine how our newsletters are opened and used (e.g. clicks on links in a newsletter) in order to record and measure the success of certain marketing measures. This information is used to improve our website and newsletter and related marketing measures, in particular to tailor offers and information on other websites to the interests and wishes of users. Smarthost processes data (e.g. email addresses) exclusively in accordance with our instructions and will not use data for its own purposes or for the purposes of third parties, nor will it sell or pass on data to third parties. The legal basis for this is our legitimate interest pursuant to Art. 6 (1) f GDPR. Further information can be found here: https://www.smart-host.com/de/datenschutzerklaerung.
Application
The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also be carried out electronically. This is particularly the case if an applicant sends the relevant application documents to the controller electronically, for example by e-mail or via a contact form on the website.
If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application files shall be deleted six months after the notification of the rejection decision, unless otherwise justified by the legitimate interests of the controller. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
The legal basis for the processing of your data is Art. 6 (1) lit. b, Art. 88 EU GDPR in conjunction with § 26 (1) BDSG.
Payment
You have the option to pay either by providing your credit card details or by SofortÜberweisung.
For payment processing via the payment method “SofortÜberweisung” we use the payment service provider Klarna GmbH, Theresienhöhe 12, 80339 Munich. Your payment data is transmitted directly to the payment service provider for secure processing of the payment by the user and is not stored on our server. Your personal data will only be passed on to the extent necessary for the processing of the contract.
If you choose the payment method “credit card”, your credit card details will be stored on the OnePageBooking system. Your credit card will not be charged at this stage of the booking, but your details will be stored in the hotel system for later payment and will only be charged accordingly on departure.
Links to social media sites
Facebook, Instagram
The controller has integrated components from Meta Platforms Ireland Limited into this website in the form of links. The operator of the Facebook and Instagram services is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The parent company is Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.
If you are logged in to Facebook or Instagram at the same time and click on the link, the operating company can assign this visit to your user account and store this personal data. Your personal data may also be collected if you are not logged in or do not have an account with Facebook or Instagram. In this case, data is collected, for example, via cookies stored on your device or by recording your IP address.
The data policy published by the operating company on Facebook, which can be accessed at de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by the operating company.
Further information and Instagram’s applicable data protection provisions can be found at help.instagram.com/155833707900388 and help.instagram.com/519522125107875.
Facebook Connect
On our website, you can create a customer account or register using the social plugin ‘Facebook Connect’ from the social network Facebook, which is operated by Meta Platforms Inc. (formerly Facebook Inc.), 1 Hacker Way, Menlo Park, CA 94025, USA (‘Meta’), using the single sign-on technology if you have a Facebook profile. You can recognise the social plugins of ‘Facebook Connect’ on our website by the blue button with the Facebook logo and the inscription ‘Log in with Facebook’ or ‘Connect with Facebook’ or ‘Log in with Facebook’ or ‘Sign in with Facebook’.
When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Meta’s servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Meta server in the USA and stored there. These processing operations are carried out exclusively with your express consent in accordance with Art. 6 para. (1) a EU GDPR.
By using this ‘Facebook Connect’ button on our website, you also have the option of logging in or registering on our website using your Facebook user data. Only if you have given your express consent in accordance with Art. 6 (1) a EU GDPR, when you use the “Facebook Connect” button from Facebook, we receive the general and publicly accessible information stored in your profile, depending on your personal privacy settings on Facebook. This information includes your user ID, name, profile picture, age, and gender.
Please note that following changes to Facebook’s privacy policy and terms of use, granting consent may also result in the transfer of your profile pictures, your friends’ user IDs and your friends list, if these have been marked as ‘public’ in your privacy settings on Facebook. The data transmitted by Facebook is stored and processed by us to create a user account with the necessary data, if you have approved this on Facebook (title, first name, last name, address data, country, email address, date of birth). Conversely, based on your consent, data (e.g. information about your surfing or purchasing behaviour) may be transferred by us to your Facebook profile.
The consent given can be revoked at any time by sending a message to the controller named at the beginning of this statement.
For information on the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and settings options for protecting your privacy, please refer to Facebook’s privacy policy: https://www.facebook.com/policy.php
If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the Facebook plugins from loading by using add-ons for your browser, e.g. ‘Adblock Plus’ (https://adblockplus.org/de/).
Web analytics
Google Analytics
We use Google Analytics, a web analytics service provided by Google Ireland Limited (https://www.google.de/intl/de/about/), Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’), on our websites. In this context, pseudonymised usage profiles are created and cookies (see ‘Cookies’) are used. The information generated by the cookie about your use of this website, such as
- the browser type/version,
- the operating system used,
- the referrer URL (the previously visited page),
- the host name of the accessing computer (IP address) and
- Time of the server request,
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and the design of this website in line with user needs. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of Google. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that they cannot be assigned (IP masking).
You can prevent the installation of cookies by adjusting your browser software settings accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6 (1) a EU GDPR.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on the following link: Disable Google Analytics. An opt-out cookie will be set to prevent future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
You can view the Google Analytics privacy policy at: https://support.google.com/analytics/answer/6004245?hl=de.
Google AdSense
We have integrated Google AdSense into this website. The operator of the Google AdSense component is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google AdSense is an online service that enables the placement of advertisements on third-party websites. Google AdSense is based on an algorithm that selects the advertisements displayed on third-party websites to match the content of the respective third-party website. Google AdSense allows interest-based targeting of Internet users, which is implemented by generating individual user profiles.
The purpose of the Google AdSense component is to integrate advertisements on our website. Google AdSense sets a cookie on your IT system. By setting the cookie, Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, is enabled to analyse the use of our website. Each time you access one of the individual pages of this website, which is operated by us and on which a Google AdSense component has been integrated, the Internet browser on your IT system is automatically prompted by the respective Google AdSense component to transmit data to Alphabet Inc. for the purpose of online advertising and commission billing. As part of this technical process, Alphabet Inc. obtains knowledge of personal data, such as your IP address, which Alphabet Inc. uses, among other things, to track the origin of visitors and clicks and subsequently enable commission settlements.
Google AdSense also uses so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in websites to enable log file recording and log file analysis, which allows statistical evaluation to be carried out. The embedded tracking pixel allows Alphabet Inc. to recognise whether and when a website was opened by your IT system and which links you clicked on. Tracking pixels are used, among other things, to evaluate the visitor flow of a website.
Google AdSense transfers personal data and information, including IP addresses, to Alphabet Inc. in the United States of America for the purpose of recording and billing the advertisements displayed. This personal data is stored and processed in the United States of America. Alphabet Inc. may pass on this personal data collected via technical processes to third parties under certain circumstances.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6 (1) a EU GDPR.
You can view Google AdSense’s privacy policy and further information at: https://www.google.de/intl/de/adsense/start/ and at https://www.google.com/policies/technologies/ads/.
Partner and affiliate programmes
DoubleClick
This website contains components from DoubleClick by Google. DoubleClick is a brand of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), under which special online marketing solutions are marketed to advertising agencies and publishers.
DoubleClick by Google transfers data to the DoubleClick server with every impression, click or other activity. Each of these data transfers triggers a cookie request to your browser. If the browser accepts this request, DoubleClick sets a cookie on your IT system. The purpose of the cookie is to optimise and display advertising. Among other things, the cookie is used to place and display user-relevant advertisements and to create or improve reports on advertising campaigns. Furthermore, the cookie serves to prevent multiple displays of the same advertisement.
DoubleClick uses a cookie ID that is necessary for the technical process. The cookie ID is required, for example, to display an advertisement in a browser. DoubleClick can also use the cookie ID to track which advertisements have already been displayed in a browser in order to avoid duplicate placements. Furthermore, the cookie ID enables DoubleClick to track conversions.
A DoubleClick cookie does not contain any personal data. However, a DoubleClick cookie may contain additional campaign identifiers. A campaign identifier is used to identify campaigns with which you have already been in contact.
Each time you visit one of the individual pages of this website, which is operated by us and on which a DoubleClick component has been integrated, the Internet browser on your IT system is prompted by the respective DoubleClick component to transmit data to Google for the purpose of online advertising and commission billing. As part of this technical process, Google obtains data that it also uses to calculate commission payments. Among other things, Google can track that you have clicked on certain links on our website.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6 (1) a EU GDPR.
You can view DoubleClick by Google’s privacy policy at: https://www.google.com/intl/de/policies/.
Plugins and other services
Google Maps
On our website, we use Google Maps, a map service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; ‘Google’). This allows us to display interactive maps directly on the website and enables you to conveniently use the map function. The processing and transmission of your data (IP address, connection data) to Google is based on your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
When you visit subpages that include Google Maps, information about your use of our website (such as your IP address) is transmitted to Google servers in the United States and stored there. This occurs regardless of whether Google provides a user account that you are logged into or whether no user account exists. If you are logged into Google, your data will be directly associated with your account. If you do not want this assignment to your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them.
You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google is certified under the EU-US Data Privacy Framework, which ensures an adequate level of data protection. Insofar as the processing does not fall within the scope of the Framework, we transfer the data to the United States on the basis of your express consent, in accordance with Art. 49(1)(a) GDPR. We take the measures that are possible and necessary under data protection law in accordance with Art. 44 et seq. GDPR to establish the level of data protection in the third country.
If you do not agree to the future transmission of your data to Google in connection with the use of Google Maps, you can completely deactivate the Google Maps web service by disabling JavaScript in your browser. Google Maps and thus also the map display on this website cannot then be used. For more information on the collection and use of data by Google, please refer to Google’s privacy policy at https://www.google.com/privacypolicy.html. There you also have the option of changing your settings in the privacy centre so that you can manage and protect your data processed by Google.
You can view Google’s terms of use at https://www.google.de/intl/de/policies/terms/regional.html. Additional terms of use for Google Maps can be found at https://www.google.com/intl/de_US/help/terms_maps.html.
Google Fonts
Our website uses so-called web fonts for the uniform display of fonts. Google WebFonts are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When you visit a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. To do this, the browser you are using establishes a connection to Google’s servers. This allows Google to know that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our website.
Further information on Google WebFonts and Google’s privacy policy can be found at: https://developers.google.com/fonts/faq ; https://www.google.com/policies/privacy/.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6. (1) a EU GDPR.
Google Tag Manager
We use the Google Tag Manager service on this website. Google Tag Manager is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This tool allows ‘website tags’ (i.e. keywords that are integrated into HTML elements) to be implemented and managed via an interface. By using Google Tag Manager, we can automatically track which button, link or personalised image you have actively clicked on and can then record which content on our website is of particular interest to you.
The tool also triggers other tags, which may collect data themselves. Google Tag Manager does not access this data. If you have disabled tracking at the domain or cookie level, this setting will remain in effect for all tracking tags implemented with Google Tag Manager.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6. (1) a EU GDPR.
Further information about Google Tag Manager and Google’s privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
Vimeo (Videos)
Our website incorporates plugins from the video portal Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA. When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to Vimeo’s servers. The content of the plugin is transmitted directly from Vimeo to your browser and integrated into the page. Through this integration, Vimeo receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Vimeo account or are not currently logged in to Vimeo. This information (including your IP address) is transmitted directly from your browser to a Vimeo server in the USA and stored there.
If you are logged in to Vimeo, Vimeo can immediately associate your visit to our website with your Vimeo account. If you interact with the plugins (e.g., by clicking the start button on a video), this information is also transmitted directly to a Vimeo server and stored there.
If you do not want Vimeo to assign the data collected via our website directly to your Vimeo account, you must log out of Vimeo before visiting our website.
The tracking tool Google Analytics is automatically integrated into Vimeo videos embedded on our website. This is Vimeo’s own tracking tool, to which we have no access and which cannot be influenced by our website. Google Analytics uses so-called “cookies” for tracking purposes. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
These processing operations are carried out exclusively with the express consent of the data subject in accordance with Art. 6. (1) a EU GDPR.
You can view Vimeo’s privacy policy at: https://vimeo.com/privacy.
WPML
We use WPML from OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong (hereinafter referred to as WPML). WPML is a multilingual plugin for WordPress. We use WPML to display our website in different languages. When you visit our website, WPML stores a cookie on your device to save your language settings. This may result in the storage and analysis of personal data, in particular user activity (especially which pages have been visited and which elements have been clicked on) as well as device and browser information (especially the IP address and operating system). Further information on the collection and storage of data by WPML can be found here: Privacy Policy and GDPR Compliance – WPML.
The legal basis for data processing is Art. 6 (1) f EU GDPR. Our legitimate interest lies in addressing visitors to our website in their native language. WPML stores cookies on your device. Information on how long cookies are stored can be found at: Privacy Policy and GDPR Compliance – WPML.
Pop-Up Builder
We use Pop-Up Builder from Popup-Maker Code Atlantic LLC | 266 Turner Rd. East Palatka, Florida, 32131, USA. We use anonymous cookies to prevent users from seeing the same pop-up repeatedly, to provide our users with a more pleasant experience, and to deliver time-sensitive messages. Popup Maker does not send user data from your website by default.
Cookies used:
| Name of cookie | Operating instructions | Time |
|---|---|---|
| pum-18448 | This cookie is used to prevent pop-up windows from being displayed repeatedly. | 1 year |
| pum-18485 | The cookie is used to prevent pop-up windows from being displayed repeatedly. | 1 month |
Change to the privacy policy
We reserve the right to update the data protection declaration from time to time with effect for the future, in particular in the event of further development of the website, the use of new technologies or changes to the legal basis or the relevant case law.
Status: August 2025