1. Data protection at a glance
The following gives a simple overview of what happens to your personal information when you visit our website.
Data collection on our website
Who is responsible for the data collection on this website?
Data are processed on this website by the website operator.
The operator’s contact details can be found in the website’s required legal notice.
How do we collect your data?
On the one hand, your data will be collected when you communicate it to us.
This could, for example, be data you enter on a contact form.
Other data is collected automatically by our IT systems when you visit the website. This data is primarily technical data such as the browser and operating system you are using or when you accessed the page. This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure the proper functioning of the website. Other data can be used to analyse how you use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
2. GENERAL INFORMATION AND MANDATORY INFORMATION
The operators of this website take the protection of your personal data very seriously.
If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified.
Please note that data transmitted via the internet (e.g. via e-mail communication) may be subject to security breaches. It is not possible to fully protect your data from access by third parties.
Data protection declaration
Name and contact of the controller in accordance with Article 4 para 7 of the GDPR
Notice concerning the controller
The data controller responsible for processing the data on this website is:
HOTEL & RESIDENCE MAYR
I – 39040 Kastelruth (BZ)
South Tyrol · Italy
The data controller is a natural or legal person who, alone or together with others, decides on the goals and methods of processing personal data (names, e-mail addresses, etc.).
Revoking your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal e-mail making this request is sufficient. A revocation request from you does not apply to data processed prior to your request having reached us.
Right to file complaints with regulatory authorities
In the case of breaches of data protection law, the data subject has a right to file a complaint with the competent supervisory authorities. The competent supervisory authority for matters related to data protection legislation is the data protection officer of the federal state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link:https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
The right to data portability
You have the right to have data which we process on the basis of your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible person, this will only be done to the extent that is technically feasible.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Objection to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested.
The website operator expressly reserves the right to take legal action in the event that unsolicited marketing material, such as spam email, is received.
Security and protection of your personal data
We consider it our primary task to protect the confidentiality of the personal data you provide and to protect it from unauthorised access. We therefore take the utmost care and use state-of-the-art security standards to ensure maximum protection of your personal data.
As a company under private law, we are subject to the provisions of the European Data Protection Ordinance (GPDR) and the provisions of the Federal Data Protection Act (BDSG). In order to protect your rights, we have adopted technical and organisational measures, and also ensured that external service providers commissioned by us comply with the data protection regulations.
The legislator requires that personal data be processed in a lawful manner, in good faith and in a manner that is comprehensible to the data subject (“lawfulness, processing in good faith, transparency”). In order to ensure this, we are here informing you about the individual legal definitions which are also used in this data protection declaration:
1. Personal data
“Personal data” refers to all information relating to an identified or identifiable natural person (hereinafter “data subject”); a natural person is regarded as identifiable, if he/she can be directly or indirectly identified, especially by means of association with an identifier such as a name, with an identification number, with location data, with an online ID or with one or several special features reflecting the physical, physiological, genetic, psychic, economic, cultural or social identity of that natural person.
“Processing” means any operation carried out, with or without the aid of automated processes, or any such series of operations in connection with personal data such as the gathering, collection, organisation, arrangement, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.
3. Restriction of processing
“Restriction of processing” is the marking of personal data stored in order to limit its future processing.
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
“Pseudonymisation” means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data are not an identified or an identifiable natural person.
6. File system
“File system” means any structured collection of personal data accessible according to specific criteria, whether centralised, decentralised, functional or geographical
A “data controller” is a natural or legal person, public authority, agency or other body, which either alone or with others, determines purposes and means of processing of personal data; where purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law
A “processor ” is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.
10. Third party
“Third party” means a natural or legal person, authority, institution or other body other than the data subject, data controller, processor and persons who, under the direct authority of the data controller or contract processor, is authorised to process personal data.
“Consent” of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
3. DATA COLLECTION ON OUR WEBSITE
Lawfulness of processing
The processing of personal data is only legal if there is a legal basis for the processing. The legal basis for processing may be determined in accordance with Article 6 para. 1 lit. a – f of the GDPR in particular:
- The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes;
- The processing is necessary for the fulfilment of a contract to which the data subject is party or in order to fulfil contractual requirements at the request of the data subject prior to entering into a contract;
- The processing is necessary to fulfil a legal obligation to which the provider is subject;
- The processing is necessary to protect the vital interests of the data subject or another natural person;
- The processing is necessary for the performance of a task which is in the public interest or in the exercise of publicauthority which has been transferred to the controller;
- The processing is necessary to safeguard the legitimate interests of the data controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail, in particular where the data subject is a child.
Information about the collection of personal data
(1) Below, we provide information on the collection of personal data when using this website. Personal data includes e.g. name, address, email addresses, user behaviour.
(2) When we are contacted via email or via a contact form, the data you provide (your email address, and if applicable your name and your telephone number) will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer necessary, or processing is restricted if statutory retention obligations exist.
Personal data collection when visiting our website
If you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 para. 1 page 1 lit. f) GDPR:
- IP address
- Date and time of request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Volume of data transferred in each case
- The website making the request
- Operating system and its interface
- Language and version of the browser software.
(1) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are allocated and stored on your hard disk in association with the browser you are using and through which the site which sets the cookie transmits certain information. Cookies cannot run programmes or deliver viruses to your computer. They serve to make our site more user-friendly and effective.
(2) This website and our services use the following types of cookies, the scope and functionality of which are explained below:
- Transient cookies (see a.)
- Persistent cookies (see b.).
- Transient cookies are automatically deleted when you close the browser. It especially includes session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This allows your computer to be recognised when you return to the site. Session cookies are deleted when you log out or close the browser.
- Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie in question. You can delete cookies at any time in the security settings of your browser.
You can configure your browser settings according to your wishes and
e.g. refuse the acceptance of third party cookies or all cookies. “Third party cookies” are cookies set by a third party, therefore, not by the actual website you are currently visiting. Please note that by deactivating cookies you may not be able to use all functions of this website.
Rights of the data subject
(1) Withdrawal of consent
You have the right to request confirmation from the data controller as to whether we are processing personal data relating to you. You can request confirmation at any time using the above contact details.
You can contact us at any time to exercise your right of withdrawal.
(2) Right of confirmation
Sie haben das Recht, von dem Verantwortlichen eine Bestätigung darüber zu verlangen, ob wir sie betreffende personenbezogene Daten verarbeiten. Die Bestätigung können Sie jederzeit unter den oben genannten Kontaktdaten verlangen.
(3) Information right
If personal data is processed, you can request information about this personal data and about the following information at any time:
- the purposes of processing;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data has been or is still being disclosed in particular for recipients in third countries or international organisations;
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this period;
- the existence of a right of rectification or deletion of personal data concerning them or of a restriction on processing by the person responsible or of a right to oppose such processing;
- the existence of a right of appeal to a supervisory authority;
- if the personal data is not collected from the data subject, all available information about the origin of the data;
- the existence of automated decision-making, including profiling, in accordance with Article 22 para. 1 and 4 GDPR; and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.
If personal data is transferred to a third country or an international organisation, you have the right to be informed of the appropriate guarantees in connection with the transfer in accordance with Article 46 GDPR. We provide a copy of the personal data that is the subject of the processing. We may charge an appropriate fee based on administrative costs for any additional copies you request personally. If you submit the application electronically, the information shall be provided in a common electronic format, unless otherwise specified. The right to obtain a copy in accordance with paragraph 3 shall not prejudice the rights and freedoms of other persons.
(4) The right of rectification
You have the right to request the correction of your personal data without undue delay. Taking into account the purpose of the data processing, you also have the right to demand the completion of your incomplete personal data – also by means of a supplementary declaration.
(5) Right to deletion (Right to be forgotten)
You have the right to request the data controller to delete personal data relating to you immediately and we are obliged to delete personal data immediately if one of the following reasons applies:
- The personal data is no longer necessary for the purposes for which it was collected or otherwise processed
- The data subject withdraws the consent on which the processing referred to in Article 6 para. 1 letter a or Article 9 para. 2 letter a GDPR was based and there is no other legal basis for processing.
- The data subject opposes processing in accordance with Article 21 para. 1 GDPR and there are no overriding legitimate grounds for processing or the data subject shall oppose processing in accordance with Article 21 para 2 GDPR.
- The personal data has been unlawfully processed.
- The personal data must be erased for compliance with a legal obligation under European Union or Member State law to which the data controller is subject.
- The personal data has been collected in relation to information society services provided in accordance with Article 8 para 1 GDPR.
Where the data controller has made the personal data public and is obliged to delete it in accordance with paragraph 1, he/she shall take appropriate measures, including technical measures, taking into account the technology available and the implementation costs, to inform data processors of the personal data that a data subject has requested the deletion of all links to such personal data or of copies or replications of such personal data.
The right to deletion (“right to be forgotten”) does not exist if the processing is necessary:
- to exercise rights to freedom of expression and information;
- for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the data controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred to the data controller;
- on grounds of public interest in the field of public health in accordance with Article 9 para. 2 letters h and i and Article 9 para. 3 GDPR;
- for archiving purposes of public interest, scientific or historical research purposes or for statistical purposes referred to in Article 89 para. 1 GDPR, where the right referred to in paragraph 1 is likely to render impossible or be seriously prejudicial to the attainment of the objectives of such processing, or
- the assertion, execution or defending of legal claims.
(6) Right to the restriction of processing
You have the right to request that we restrict the processing of your personal data if one of the following conditions is met:
- the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data;
- the processing is unlawful and the data subject rejects the deletion of personal data and instead requests the restriction of the use of personal data;
- the data controller no longer requires the personal data for the purposes of processing, but the data subject needs it to assert, exercise or
- defend legal claims, or the data subject has objected to the processing pursuant to with Article 21 para. 1 GDPR, until it has been established whether the legitimate reasons of the data controller outweigh those of the data subject.
Where processing has been restricted in accordance with the conditions set out above, such personal data shall only be processed – apart from being stored – with the consent of the data subject or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
In order to exercise the right to restrict processing, the data subject may contact us at any time using the contact details provided above.
(7) The right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another data controller without interference from the data controller to whom the personal data was provided, provided that:
- processing is based on consent pursuant to Article 6 para. 1 letter a or Article 9 para. 2 letter a or on the basis of a contract pursuant to Article 6 para. 1 letter b GDPR and
- the processing is carried out using automated methods.
In exercising this right to data portability under paragraph 1, the data subject shall have the right to have the personal data transferred directly by a data controller to another data controller, where technically feasible. The exercise of the right to data portability does not affect the right to deletion (“right to be forgotten”). The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the data controller.
(8) Right of objection
You have the right to object at any time to the processing of personal data concerning you on the basis of Article 6 paragraph 1 letter e or f GDPR for reasons arising from your particular situation, including profiling based on these provisions. The data controller will no longer process the personal data unless he/she can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
Where personal data is processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him/her for the purposes of such advertising, including profiling in so far as it is related to such direct marketing. If you object to the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
In connection with the use of information society services, notwithstanding Directive 2002/58/EC, you may exercise your right of opposition by means of automated procedures using technical specifications.
You have the right, for reasons arising from your particular situation to oppose the processing of personal data concerning you, for scientific or historical research purposes or for statistical purposes in accordance with Article 89 para. 1 GDPR, unless processing is necessary for the performance of a task in the public interest.
You can exercise your right of objection at any time by contacting the data controller.
(9) Automated individual decision-making including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:
- is necessary for entering into, or performance of, a contract between the data subject and a data controller,
- is authorised by Union or Member State law to which the data controller is subject and which also lays down suitable measures to safeguard the rights and freedoms of the data subject and legitimate interests or
- is made with the express consent of the data subject.
The data controller shall take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the data controller, to state his/her own position and to challenge the decision.
The person concerned may exercise this right at any time by contacting the person responsible.
(10) The right to filing a legal complaint with a supervisory authority
They shall also, without prejudice to any other administrative or judicial remedy, have the right of appeal to a supervisory authority, in particular in the Member State of their place of residence, of work or of the place of suspected infringement, where the data subject considers that the processing of personal data concerning him or her is contrary to this Regulation.
(11) Right to an effective judicial remedy
You have the right to an effective judicial remedy without prejudice to any available administrative or extrajudicial remedy, including the right of appeal to a supervisory authority under Article 77 GDPR, if it considers that your rights under this Regulation have been infringed as a result of processing of your personal data in breach of this Regulation.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, in order to answer your question and any follow-up questions. We do not share this data without your permission.
We will therefore process any data you enter onto the contact form only with your consent per Art. 6 para. 1 lit. a GDPR).
You may revoke your consent at any time. An informal e-mail making this request is sufficient. The legality of the processing of data which has already occurred before we receive your request remains unaffected by this.
The data entered by you in the contact form remain with us until you request us to delete it, your consent for storage is revoked or the purpose for data storage no longer applies (e.g. after your request has been processed). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, establish, or modify legal relationships with us (master data). This is done on the basis of Art. 6 (1) (b) GDPR, which allows the processing of data to fulfil a contract or for measures preliminary to a contract. We collect, process and use your personal data about the use of our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmission when entering into a contract for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfil the terms of your contract with us, for example, to banks entrusted to process your payments.
Your data will not be transmitted for any other purpose, or only if you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 para. 1 letter b GDPR, which allows the processing of data to fulfil a contract or for measures preliminary to a contract.
4. Analytics tools and advertising
Use of Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, text files that are stored on your computer and that enable your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is enabled on this website, your IP address will first be truncated by Google within the Member States of the European Union or other parties to the agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and internet usage for the website operator.
The IP address provided by your browser as part of Google Analytics will not be combined with other data from Google.
You can prevent cookies from being stored by selecting the appropriate settings in your browser; however, we wish to point out that by doing so, you may not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies concerning your use of the website (incl. your IP address) from being passed to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout? hl=de.
This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in truncated form, so that reference to individuals can be ruled out. As far as the data collected about you is related to you as a person, it will be excluded immediately and the personal data will be deleted immediately.
We use Google Analytics to analyse and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework, for exceptional cases in which personal data is transferred to the USA. The legal basis for the use of Google Analytics is Art. 6 para. 1 clause 1 lit. f GDPR.
Third party provider information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Conditions of use:
http://www.google.com/analytics/terms/de.html, Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html, as well as the Data Protection Declaration: http://www.google.de/intl/de/policies/privacy.
This website also uses Google Analytics for an analysis of visitor flows across all devices that is carried out via a user ID (Google Universal Analytics). You can disable the device cross-analysis of your use in your account under “My data”, “personal data”.
Google Analytics Remarketing
This is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
This function enables the target groups created with Google Analytics Remarketing to be linked with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-related, personalised advertising messages that, depending on your previous usage and surfing behaviour, can be displayed on a end device (e.g. mobile phone) have been adapted to you can also be displayed on another of your devices (e.g. tablet or PC).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalised promotional messaging.
To support this feature, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create cross-device ad targeting.
You can permanently object to cross-device remarketing/targeting by disabling personalised advertising in your Google Account by following this link https://www.google.com/settings/ads/onweb/.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (Art. 6 para. 1 (a) GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 para. 1 (f) of the GDPR. The legitimate interest arises from the fact that the website operator has an interest in anonymous analysis of website visitors for advertising purposes.
Further information and the data protection regulations can be found in Google’s Data Protection (Privacy) Policy at: https://www.google.com/policies/technologies/ads/.
Google AdWords und Google Conversion-Tracking
AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that the internet browser stores on the user’s computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an Adwords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for Adwords customers who have opted into conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not wish to participate in tracking, you can refuse by simply deactivating the Google conversion tracking cookie via your internet browser settings. In doing so, you will not be included in the conversion tracking statistics.
“Conversion cookies” are stored on the basis of Art. 6 para. 1 (f) of the GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) have been entered by a human or by an automated programme. To do this, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis starts automatically as soon as the visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
reCAPTCHA analyses take place entirely in the background. Visitors are not advised that such an analysis is taking place.
Data is processed on the basis of Art. 6, Para. 1 (f) of the GDPR. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
Use of social media plug-ins
(1) We currently use the following social media plug-ins: [Facebook, Google+, Twitter, Xing, T3N, LinkedIn, Flattr]. We use what is called the two-click solution. This means that if you visit our site, initially no personal data will be passed on to the providers of these plug-ins. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under section § 3 of this declaration will be transmitted. In the case of Facebook and Xing, the IP address is anonymised immediately after collection, according to the respective provider in Germany. By activating the plug-in, data is automatically transmitted to the respective plug-in provider and stored there (US providers in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies using your browser’s security settings before clicking on the greyed-out box.
(2) We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
(3) The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is also made for users who are not logged in, to display customised advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles. You must contact the respective plug-in provider to exercise this right. Through the plug-ins we offer you the possibility to interact with social networks and other users, so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 clause 1 lit. f of the GDPR.
(4) The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. When you confirm the activated button and link the page, for example, the plug-in provider also stores this information in your user account and communicates this to your contacts publicly. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.
(5) For more information on the purpose and extent of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers provided below. Here, you will also find further information on your rights and settings options for protecting your privacy.
(6) Addresses of the respective plug-in providers and URL with their data protection information:
- Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/? hl=de. Google has submitted to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
- Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US privacy shield, https://www.privacyshield.gov/EU-US-Framework.
- Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
- T3N, yeebase media GmbH, Kriegerstr. 40, 30161 Hannover, Deutschland; https://t3n.de/store/page/datenschutz.
- LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn hat sich dem EU-US-Privacy-Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.
- Flattr Network Ltd. with headquarters at 2nd Floor, White bear yard 114A, Clerkenwell Road, London, Middlesex, England, EC1R 5DF, Great Britain;https://flattr. com/privacy.]
Integration of Google Maps
(1) We use Google Maps functions on this website. This allows us to display interactive maps directly on the website and enables your convenient use of the map function.
(2) When you visit this website, Google receives the information that you have accessed the corresponding sub-page of our website. In addition, the data mentioned under Section 3 of this declaration will be transmitted. This takes place regardless of whether Google makes available a user account via which you are logged in or no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated to your Google profile, you must first log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or requirements-oriented design of its website. Such evaluation also takes place (even for users who are not logged in) for the purposes of providing customised advertising and to inform other social network users about activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
If you would like to receive a newsletter which is offered, we require a valid email address as well as information which allows us to verify that you are the owner of the email address provided and that you agree to receive this newsletter. No additional data is collected or will only be collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 para. 1a GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The legality of the processing of data which has already occurred remains unaffected by this withdrawal.
The data provided when registering for the newsletter will be used to distribute the newsletter until such time as you cancel your subscription, when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.
6. Plugins and Tools
Our website uses plugins from YouTube, which is operated by Google. The operator of these pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages which feature a YouTube plugin, a connection is established to the YouTube servers. The Youtube server is then informed about which of our pages you have visited.
If you are logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. You can prevent this by logging out of your YouTube account.
YouTube is used in the interests of making our online presence more attractive. This constitutes a legitimate interest pursuant to Art. 6, Para. 1 1 (f) GDPR.
Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
When you call up a page of our website which contains a social plugin, your browser makes a direct connection with Google servers. Google is therefore aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and appealing presentation of our website. This constitutes a justified interest pursuant to Art. 6 para. 1 (f) GDPR.
If your browser does not support web fonts, a standard font is applied by your computer.