We are pleased that you are visiting our website.

Privacy policy

The protection and security of your personal information when using our website is very important to us.

We would therefore like to take this opportunity to inform you which of your personal data we collect when you visit our website and for what purposes it is used. Personal data is individual information about the personal or factual circumstances of a specific or identifiable natural person (data subject), e.g. name, address, email addresses, user behaviour. This is therefore data with which we can identify you. In addition, you will occasionally also find information on data processing processes outside of this website (e.g. video conferences or newsletters).

Person responsible for data processing

Data Protection Officer

exkulpa gmbh
Waldfeuchter Str. 266
52525 Heinsberg
Telephone: 02452 / 99 33 11
E-mail: datenschutz@freisinger-hof.de

General information

This privacy policy fulfils the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behaviour when visiting a website. Information for which we cannot (or only with disproportionate effort) establish a connection to your person, e.g. through anonymisation, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data will be deleted as soon as the purpose of the processing has been achieved and there are no legitimate reasons for further storage of the data. We will inform you of the specific storage periods or criteria for storage in the individual processing operations. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defence of legal claims and in the event of statutory retention obligations.

Information in accordance with Art. 13 GDPR

This information is aimed at customers, interested parties, suppliers and employees. We process your personal data for the following purposes

To fulfil our contractual obligations to you (Art. 6 para. 1 lit. b GDPR).
To fulfil pre-contractual obligations (Art. 6 para. 1 lit. b GDPR).
To respond to enquiries (Art. 6 para. 1 lit. b GDPR).
If you have given us your consent to process your personal data for specific purposes (e.g. to receive our newsletter), the data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR).
To fulfil legal obligations to which our company is subject (Art. 6 para. 1 lit. c GDPR).
If necessary, we also process your data to protect our legitimate interests, in particular to assert legal claims and defend ourselves in legal disputes or to ensure IT security, to consult and exchange data with credit agencies to determine creditworthiness and default risks, for direct advertising and market research, provided you have not objected to the use of your data for this purpose, for measures for business management and further development of services and products, for measures to optimise products and sales, for risk management measures, for the prevention or investigation of criminal offences (Art. 6 para. 1 lit. f GDPR).

Categories of recipients of the personal data

Within our company, only those employees have access to the data who absolutely need it to fulfil their tasks (need-to-know principle). Individual processes and services are carried out by carefully selected service providers based within the EEA and commissioned in accordance with data protection regulations. If service providers commissioned by us are given access to personal data when performing their services, order processing contracts have been concluded with them in accordance with Art. 28 para. 3 GDPR.

Duration of data storage

The data processed by us will be stored for the duration of the existence and processing of the contractual relationship and in compliance with statutory retention periods. These are in particular commercial and tax retention obligations under the German Commercial Code (HGB) and the German Fiscal Code (AO). The regular retention and documentation periods are up to ten years. If there is no contractual relationship, we only process the data for as long as required for the specific purpose.

Your rights as a data subject

As a data subject, you have the following rights with regard to the personal data concerning you:

Right to information about your personal data processed by us.
Right to rectification or erasure if it is incorrect, out of date or unlawfully collected by us.
Right to restriction of processing if complete erasure is not possible, e.g. because we have to comply with statutory retention obligations.
Right to object to processing if the data processing is based on a balancing of interests (the so-called legitimate interest), as described above under ‘Purpose of processing’. This is the case if, in particular, the processing is not necessary for the fulfilment of a contract with you. When asserting your right to object, we ask you to explain the reasons why we should not process your data as we have done.

Of course, you can also object to the processing of your personal data for advertising purposes at any time. To do so, please send your objection to our address given in the legal notice or send us an e-mail to the address given in the legal notice.

Right of revocation if you have given us your consent to process your data. You can revoke your consent to our company at any time without giving reasons. To do so, please contact the address given in the legal notice.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by our company.

If you have any questions about data protection, please send an e-mail to the address given in the legal notice.

Cookies

Cookies are small text files that are sent by us to the browser of your end device and stored there when you visit our website. As an alternative to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, on the other hand, enable us to carry out various analyses so that we are able, for example, to recognise the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your end device. They cannot execute programmes or contain viruses.
We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website.

Your rights

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you as the data subject have the following rights

Information in accordance with Art. 15 GDPR about the data stored about you in the form of meaningful information on the details of the processing as well as a copy of your data;
Correction in accordance with Art. 16 GDPR of incorrect or incomplete data stored by us;
erasure pursuant to Art. 17 GDPR of the data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims
restriction of processing pursuant to Art. 18 GDPR if the accuracy of the data is contested, the processing is unlawful, we no longer need the data and you oppose their erasure because you require them for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Art. 21 GDPR.
Data portability pursuant to Art. 20 GDPR, insofar as you have provided us with personal data on the basis of consent pursuant to Art. 6 para. 1 lit. a GDPR or on the basis of a contract pursuant to Art. 6 para. 1 lit. b GDPR and these have been processed by us using automated procedures. You will receive your data in a structured, commonly used and machine-readable format or we will transmit the data directly to another controller if this is technically feasible.
Objection pursuant to Art. 21 GDPR to the processing of your personal data, insofar as this is carried out on the basis of Art. 6 para. 1 lit. e, f GDPR and there are reasons for this arising from your particular situation or the objection is directed against direct advertising. The right to object does not exist if overriding, compelling legitimate grounds for the processing can be demonstrated or the processing is carried out for the establishment, exercise or defence of legal claims. If the right to object does not exist for individual processing operations, this is indicated there.
Revocation pursuant to Art. 7 para. 3 GDPR of your consent with effect for the future.
Complaint pursuant to Art. 77 GDPR to a supervisory authority if you believe that the processing of your personal data violates the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

Data processing in detail

Below we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. Automated decision-making in individual cases, including profiling, does not take place.

Provision of the website

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a log file

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which the access was made (referrer URL)
Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

Our website is not hosted by us, but by a service provider who processes the aforementioned data on our behalf in accordance with Art. 28 GDPR for the purpose of providing the website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

We use the following hoster:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen

Contact form

Type and scope of processing

If you send us enquiries (e.g. via contact form, e-mail or telephone), we store all the data that results from this (e.g. name, e-mail address, subject of the enquiry, etc.). We need this data to process your enquiry and to be able to answer any follow-up questions. We do not pass on this data without your consent.

Purpose and legal basis

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if you have previously given it.

Storage period

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Contact form for applicants

Type and scope of processing

On our website, you have the option of applying to us (e.g. by email, post or via the online application form).

Purpose and legal basis

We process the personal data of applicants in accordance with the legal requirements for the purpose of processing the application procedure and for the implementation of pre-contractual measures within the meaning of Art. 6 para. 1 lit. b. GDPR and § 26 BDSG. GDPR and § 26 BDSG according to German law (initiation of an employment relationship) and - if you have given your consent - Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

Storage period

Your data will be stored for a period of 6 months after the end of the application process. This is usually done to fulfil legal obligations or to defend against any claims arising from legal regulations. We are then obliged to delete or anonymise your data. In this case, the data will only be available to us as so-called metadata without direct personal reference for statistical analyses (e.g. proportion of women or men in applications, number of applications per period, etc.).

If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), it will only be deleted when the purpose for further storage no longer applies.

Inclusion in the applicant pool

As part of the application process, we offer applicants the opportunity to be included in our ‘talent pool’ for a period of 12 months on the basis of consent within the meaning of Art. 6 para. 1 lit. a. DS-GVO to be included.

The application documents in the talent pool will only be processed in the context of future job advertisements and the search for employees and will be destroyed after the period has expired at the latest. Applicants are informed that their consent to inclusion in the talent pool is voluntary, has no influence on the current application process and that they can revoke this consent at any time for the future.

If you receive an offer of employment with us during the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship.

Our newsletter

We offer you our newsletter on this website. If you would like to subscribe to this, we need your e-mail address and other data to prove that this is your e-mail address and that you agree to receive the newsletter. No other personal data is collected unless you provide it voluntarily (e.g. name, telephone number, place of residence, etc.).

When processing the data you provide when registering for the newsletter, we rely exclusively on your consent in accordance with Art. 6 para. 1 lit. a GDPR as the legal basis. You can revoke your consent to the processing and storage of your personal data at any time (e.g. via the ‘unsubscribe’ link in the newsletter) for the future.

We store your personal data that you have provided for the purpose of receiving the newsletter until you unsubscribe from the newsletter with us or the mailing service provider. This does not apply to data that we have stored about you for other purposes.

If you unsubscribe from the newsletter mailing list, your email address will be stored by us or the mailing service provider in a blacklist for an indefinite period of time. This is done to prevent future mailings to you. The data from the blacklist will be used exclusively for this purpose and will not be merged with other data. This is not only in your interest, but also in our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to fulfil our legal obligations when sending newsletters. You can object to the storage if your personal interests outweigh our legitimate interest.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany.

CleverReach is a service that organises and analyses the sending of newsletters. Data that you enter to receive newsletters (e.g. your email address) is stored on CleverReach's servers in Germany or Ireland.

Data analysis by CleverReach

CleverReach offers the option of viewing the performance of our newsletter. We can determine whether a newsletter has been opened, which links have been clicked on and which other actions have been carried out after opening/clicking on the newsletter, e.g. a purchase. This allows us to analyse and evaluate our newsletter campaigns with the help of CleverReach.

CleverReach also allows us to better customise the newsletter to our target groups by dividing the newsletter recipients into different categories, such as age, gender or place of residence. If you do not wish to be analysed by CleverReach, you can unsubscribe from the newsletter using a link. This link is available in every newsletter you receive.

Further information on data analysis by CleverReach newsletters can be found here: www.cleverreach.com/de/funktionen/reporting-und-tracking/.

Legal basis

The data is processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR). This consent can be revoked at any time. The legality of the data processing operations already carried out remains unaffected by this.

You can find CleverReach's privacy policy here: www.cleverreach.com/de/datenschutz/.

Storage period

Data that you provide to us for the purpose of sending the newsletter will be stored by us or the newsletter service provider. This applies until you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

If you unsubscribe from our newsletter, we may store your e-mail address in a blacklist. In this way, we ensure that we do not send newsletters to people who have unsubscribed from the newsletter. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves your and our interest (Art. 6 para. 1 lit. f GDPR) with regard to compliance with legal requirements when sending newsletters. The storage of your data in the blacklist is not limited in time. You have the right to object to the storage of the data if your interest outweighs our legitimate interest.

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Presence on social media platforms

Data processing by social networks

We operate publicly accessible profiles on social networks. The individual social networks we use are listed below.

Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour comprehensively. When you visit our social media sites, the following data protection-relevant processing operations are triggered:

If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Irrespective of this, the operator may be able to process your data (e.g. IP address) even if you are not logged into your account or do not have an account at all.

The operator summarises this data in user profiles in which your preferences and interests are stored. These profiles are used to display personalised advertising within and outside the respective social media presence. If you have an account with the respective social network, the personalised advertising can be displayed on all devices on which you are logged in or were logged in.

Depending on the platform, further processing operations may be carried out by the operators of the social media portals, over which we have no influence. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the widest possible presence on the Internet within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which must be specified by the respective providers.

Controller and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Despite the joint responsibility with the social media portal operators, we have no full influence on the data processing operations of the portals. Our options depend largely on the company policy of the respective provider.

Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policies, see below).

Facebook page

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the USA and other third countries.

We have concluded an agreement with Facebook on joint processing (Controller Addendum), which specifies which data processing operations we or Facebook are responsible for. You can view this agreement at the following link: www.facebook.com/legal/terms/page_controller_addendum.

You can customise your advertising settings yourself in your user account. To do this, click on the following link and log in: www.facebook.com/settings.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum and de-de.facebook.com/help/566994660333381.

You can find more information on data processing by Facebook at www.facebook.com/about/privacy/.

Instagram page

We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.facebook.com/legal/EU_data_transfer_addendum, help.instagram.com/519522125107875 and de-de.facebook.com/help/566994660333381.

Details on how they handle your personal data can be found in Instagram's privacy policy: help.instagram.com/519522125107875.

Video conferences

Conference tool used: TeamViewer

We use TeamViewer. The provider is TeamViewer Germany GmbH, Jahnstr. 30, 73037 Göppingen, Germany. Details on data processing can be found in TeamViewer's privacy policy: www.teamviewer.com/de/datenschutzerklaerung/ .

Data processing

We use online conferencing tools to communicate with our customers. The tools we use in detail are listed below. If you communicate with us via video or audio conference, your personal data will be collected and processed by us and the provider of the respective tool.

The tools collect the data you provide, including your email address and telephone number. They also process the duration of the conference, when you took part in the conference, the number of participants and other metadata.

In addition, the provider of the tool processes all technical data required to organise the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

If you share content in this service, it will be stored on the provider's servers. This includes cloud recordings, chat messages, voice messages, photos and videos that you have shared while using this service.

Please note that we do not have full control over the data processing operations of the tools used. For more information on data processing by the conference tools, please refer to the privacy policies of the tools used.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If you have previously given your consent to data processing, your data will be processed solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Resmio

Type and scope of processing

We use the online reservation function of the provider Resmio GmbH Gneisenaustr. 66 - 67, 10961 Berlin on our website. For the online reservation, we record the desired date, time, number of people, first and last name, e-mail address and your telephone number. We also offer you the option of booking via Facebook. If you wish to register using this service and click on the button provided, you will be forwarded directly to the Facebook platform. You can then use your Facebook login details to book a table with us. This will link your Facebook profile to this website or our services. This gives us access to information about you that is stored by Facebook. This data is mainly

Your name on Facebook
Your birthday
Your gender
Your email address that you use to log in to Facebook
Your profile picture and cover picture on Facebook
Your Facebook ID
The list of your Facebook friends
Your likes / ‘Like me’ information

Purpose and legal basis

The legal basis for the integration of Resmio is the legitimate interest in a simple online reservation in accordance with Art. 6 para. 1 lit. f GDPR. If you have previously given your consent to data processing, your data will be processed solely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

Order processing

In order to ensure that personal data is processed in accordance with our instructions and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

The reservation with Facebook Connect on this website and the data processing operations associated with it are based on your consent (Art. 6 para. 1 lit a GDPR). You can revoke this consent at any time with effect for the future.

The obligations that we impose on each other in the context of joint responsibility are set out in a joint data processing agreement. You can find the exact text of the agreement at the following link: www.facebook.com/legal/controller_addendum. According to this agreement, we must provide you with information on data protection when using the Facebook tool and ensure that the tool is implemented on our website in compliance with data protection regulations. Facebook itself is responsible for the security of its own products. If you wish to exercise your rights as a data subject and, for example, request information about your data processed by Facebook, you can contact Facebook directly. If you assert your rights as a data subject with us, we are obliged to transmit your request to Facebook.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at www.facebook.com/legal/EU_data_transfer_addendum, de-de.facebook.com/help/566994660333381 and www.facebook.com/policy.php.

If you would like more information about Facebook's terms of use and privacy policy, you can find them at de-de.facebook.com/about/privacy/ and de-de.facebook.com/legal/terms/.

LiveRate

Type and scope of processing

We use the price comparison widget of the provider LiveRate GmbH, Metzstr. 12, 81667 Munich. To use the functions, it is necessary to save your IP address. As a rule, the information is transmitted to a LiveRate server and stored. The provider of this website has no influence on this data transfer.

Purpose and legal basis

The use of LiveRate is based on our legitimate interest in an appealing presentation of our offers and in displaying a transparent price comparison for our guests (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

You can find more information on data protection at www.liverate.de/company/datenschutz.

Giggle Tips

Type and scope of processing

We use an experience manager to display and book experience offers and guest information on our website. The provider is Giggle GmbH, Jahnstraße 18, 6020 Innsbruck, Austria. With Giggle Tips, we can make experiences available for you to book on all relevant communication channels. In order to use the functions, it is necessary to save your IP address. As a rule, the information is transmitted to a Giggle server and stored. The provider of this website has no influence on this data transfer.

Purpose and legal basis

The use of Giggle Tips is based on our legitimate interest in an appealing presentation of our offers and guest information (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

You can find more information on data protection at hotel.giggle.tips/privacy.

AWS CloudFront

Type and scope of processing

We use AWS CloudFront to properly provide the content of our website. AWS CloudFront is a service of Amazon Web Services, Inc. which acts as a content delivery network (CDN) on our website.

A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to Amazon Web Services, Inc. servers, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of AWS CloudFront.

Purpose and legal basis

The Content Delivery Network is used on the basis of our legitimate interests, i.e. interest in the secure and efficient provision and optimisation of our online offer in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Amazon Web Services, Inc. Further information can be found in the privacy policy for AWS CloudFront: aws.amazon.com/de/privacy/.

CDNJS

Type and scope of processing

We use CDNJS to properly provide the content of our website. CDNJS is a service provided by Cloudflare, Inc. which acts as a content delivery network (CDN) on our website.

A CDN helps to make the content of our online offering, in particular files such as graphics or scripts, available more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to Cloudflare, Inc. servers, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of CDNJS.

Purpose and legal basis

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Cloudflare, Inc. Further information can be found in the privacy policy for CDNJS: www.cloudflare.com/privacypolicy/.

Facebook Pixel

Type and scope of processing

We use the Facebook pixel on this website, which is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

With the help of the Facebook pixel, we can analyse the behaviour of our website visitors when they are redirected to our website by clicking on a Facebook ad. We use the user data to measure the success of our ads on Facebook and to optimise the ads. As the website operator, we only receive anonymised data for this purpose so that we cannot identify you as a user.

Facebook, on the other hand, processes the data in such a way that it is assigned to a specific user and used for its own advertising purposes. This allows Facebook to place personalised advertisements on Facebook and other websites. As the website operator, we have no influence over this. You can find more information on data processing in Facebook's privacy policy at www.facebook.com/about/privacy/.

You can deactivate this remarketing function ‘Custom Audiences’ from Facebook in your personal account at www.facebook.com/ads/preferences/. If you do not have an account with Facebook but would like to deactivate this advertising function, you can do so via the website of the European Interactive Digital Advertising Alliance at www.youronlinechoices.com/de/praferenzmanagement/.

Purpose and legal basis

When using Facebook pixels, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in optimising our online presence and offers for you through social media platforms. If you have previously given your consent to data processing by Facebook Pixel on this website, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

If this service collects personal data on this website and passes it on to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for the processing of your personal data (Art. 26 GDPR). However, we are only responsible for the collection of your data and its transmission to Facebook, while Facebook is responsible for what happens to the data afterwards. The obligations that we impose on each other in the context of joint responsibility are set out in a joint data processing agreement. You can find the exact text of the agreement at the following link: www.facebook.com/legal/controller_addendum. According to this agreement, we must provide you with information on data protection when using the Facebook tool and ensure that the tool is implemented on our website in compliance with data protection regulations.

Facebook itself is responsible for the security of its own products. If you wish to exercise your rights as a data subject and, for example, request information about your data processed by Facebook, you can contact Facebook directly. If you assert your rights as a data subject with us, we are obliged to forward your request to Facebook.

Facebook plugin

Type and scope of processing

We use plugins from the social media platform Facebook on this website. The plugin is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, personal data is also transferred to third countries such as the USA.

You can recognise Facebook plugins on this website by the Facebook logo and the ‘Like’ button. You can find a list of all Facebook plugins at the following link: developers.facebook.com/docs/plugins/.

As soon as you visit this website, the plugin informs Facebook that you have visited this website with your IP address. If you are logged into your personal Facebook account and click the ‘Like’ button on this website, you can share the content of this website on your Facebook profile. Your visit to this website can thus be automatically linked to your Facebook user account.

We do not know the content of the transmitted data or the purposes for which Facebook uses the data. You can find more information on this data processing in Facebook's privacy policy at de-de.facebook.com/privacy/explanation. If you want to ensure that Facebook does not find out that you have visited this website, please log out of your Facebook account beforehand.

Purpose and legal basis

When using the Facebook plugins, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in an extensive presence on the social media platforms. If you have previously given your consent to data processing on this website through the Facebook plugins, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

According to this agreement, we must provide you with information on data protection when using the Facebook tool and ensure that the tool is implemented on our website in compliance with data protection regulations. Facebook itself is responsible for the security of its own products. If you wish to exercise your rights as a data subject and, for example, request information about your data processed by Facebook, you can contact Facebook directly. If you assert your rights as a data subject with us, we are obliged to transmit your request to Facebook.

Google Ads

Type and scope of processing

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behaviour and recognise users.

Google Ads collects information about visitor behaviour on various websites. This information is used to optimise the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioural profiles and geographical location. Your IP address and other identification features such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads can assign the visit to your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and save your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google Ads is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TTDSG.

Storage period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Ads: policies.google.com/privacy.

Google Analytics

Type and scope of processing

We use Google Analytics services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Analytics, we as the website operator can determine how our website is used. As part of the analysis, we learn how often our website is accessed, how long visitors stay on the site and which devices or systems they use to access the website. In addition, we may use Google Analytics to track your mouse movements and clicks. This information may be stored and used by Google to create a profile about you. Google Analytics uses machine learning technologies to analyse and supplement your data. Google Analytics also uses technologies to recognise website visitors in order to analyse user behaviour. The data collected is generally processed on Google servers in the USA.

Purpose and legal basis

When using Google Analytics, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis for the storage and analysis of personal data, as we have a legitimate interest in analysing the use of our website. This enables us to optimise our online presence and offers for you. If you have previously given your consent to data processing on this website by Google Analytics, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at privacy.google.com/businesses/controllerterms/mccs/.

IP anonymisation

When using Google Analytics on this website, we use a function in which Google truncates your IP address before it is transmitted to Google servers in the USA. This only happens if you are located in the European Union or in a country of the European Economic Area. Your full IP address will only be transmitted to the USA in exceptional cases and then shortened there. Google Analytics uses this information to track how you use our website. Your IP address will not be merged with other data held by Google.

Browser plugin

You can prevent Google from collecting and processing data about you. To do this, you must download the browser plugin at tools.google.com/dlpage/gaoptout and install it in your browser.

You can find more information on the processing of user data in the Google Analytics privacy policy at support.google.com/analytics/answer/6004245

Order processing

When using Google Analytics, we comply with the strict regulations of the German data protection authorities, as we have concluded an order processing contract with Google.

Storage duration

Google stores data linked to cookies, user IDs or advertising IDs. This data is stored for two months and then anonymised or deleted. You can find more information on the storage period and the deletion of your data at support.google.com/analytics/answer/7667196.

Google CDN

Type and scope of processing

We use the content delivery network Google Cloud CDN. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

A CDN enables us to deliver some content quickly, in particular large media files. This is done via a network of regionally distributed servers that are connected via the Internet.

Purpose and legal basis

The use of Google Cloud CDN is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: cloud.google.com/terms/eu-model-contract-clause.

Further information on Google Cloud CDN can be found here: cloud.google.com/cdn/docs/overview.

Order processing

In order to ensure that personal data is processed in accordance with our specifications and in compliance with the GDPR, we have concluded an order processing agreement (AVV) with the provider.

Google DoubleClick

Type and scope of processing

We use Google DoubleClick services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google DoubleClick, we can show our users targeted adverts in Google applications linked to DoubleClick that are geared to the interests of the users. In order to show users advertising that is relevant to them, Google DoubleClick must be able to identify the user and associate them with the websites they visit, their clicks and other information about their behaviour. For this purpose, Google DoubleClick uses cookies and technologies to recognise users and creates pseudonymised user profiles based on the data collected.

You can deactivate this personalised advertising in your personal Google account. You can find more information on this at policies.google.com/technologies/ads and adssettings.google.com/authenticated.

Purpose and legal basis

When using Google DoubleClick, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in analysing the use of our website. This enables us to optimise our online presence and offers for you. If you have previously given your consent to data processing by Google DoubleClick on this website, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

Google Tag Manager

Type and scope of processing

We use Google Tag Manager services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to use other tools on our website. It does not create user profiles, it does not store cookies and it does not carry out independent analyses. However, your IP address is recorded and may be transmitted to the USA. The Google Tag Manager itself is only used to manage these tools that are integrated via it.

Purpose and legal basis

When using Google Tag Manager on this website, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in implementing and managing tracking tools on this website quickly and easily. If you have previously given your consent to data processing on this website by Google Tag Manager, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

Google reCAPTCHA

Type and scope of processing

This website uses Google reCAPTCHA. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check the data input (e.g. in a contact form) on this website. Specifically, whether this is done by a human or by an automated programme. Google reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. The analysis begins automatically as soon as the visitor accesses the website. The data collected during the analysis, such as the IP address, the time spent on the website by the visitor or the mouse movements made, are forwarded to Google.

Visitors to the website are not informed that an analysis is taking place; this takes place entirely in the background.

You can find Google's privacy policy and terms of use at the following links: policies.google.com/privacy and policies.google.com/terms.

Purpose and legal basis

The data is stored and analysed on the basis of our legitimate interest in protecting our website from abusive automated spying and SPAM (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data will be processed exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

Twitter plugin

Type and scope of processing

We use Twitter services and functions on this website, which are offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

If you use Twitter functions such as ‘Re-Tweet’ on this website, your data and information about the websites you visit will be forwarded to Twitter. This data is assigned to your personal Twitter account so that other users can also view this data.

We do not know the content of the transmitted data or the purposes for which Twitter uses the data. You can find more information on this data processing in Twitter's privacy policy at twitter.com/de/privacy.

Purpose and legal basis

When using the Twitter plugin, we rely on Art. 6 para. 1 lit. f GDPR as the legal basis, as we have a legitimate interest in an extensive presence on the social media platforms. If you have previously given your consent to data processing on this website by the Twitter plugin, the processing of your data takes place solely on the legal basis of Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time.

The transfer of your personal data to the USA takes place on the legal basis of the standard contractual clauses of the EU Commission. You can find more information on this at gdpr.twitter.com/en/controller-to-controller-transfers.html. You can make certain data protection settings in your Twitter account at twitter.com/account/settings

Promotions

reserve table