Data Protection Declaration

1. Data protection at a glance

Analytical tools and tools from third-party providers

When visiting our website, your browsing behaviour may undergo statistical analysis. This takes place primarily using cookies and so-called analysers. Your browsing behaviour is generally analysed anonymously; browsing behaviour cannot be traced back to you. You can object to this analysis or prevent it by avoiding the use of certain tools. Detailed information on this can be found in the following data protection declaration. You can object to this analysis. In this data protection declaration, we will provide information regarding the means by which to object.

2. General notes and mandatory information

Note regarding the responsible body

The responsible body for data processing on this website is:

Zeno Grundstücksverwaltungs-GmbH
Am Münster 3
D-83435 Bad Reichenhall

Telefon: +49 8651 776-0
E-Mail: reichenhall(at)amber-hotels.de

The responsible body is the physical person or legal entity that, either alone or working together with others, decides on the purposes and means by which personal data is processed (e.g. names, email addresses etc.).

We process these data

We process personal data that we receive from you in the course of our business relationship. In addition, we process – insofar as necessary for the provision of our services – personal data that we have permissibly received from other companies of  Zeno Grundstücksverwaltungs-GmbH,  Amber Hotel Plaza Betriebsgesellschaft mbH, Econtel München Hotelbetriebsgesellschaft mbH or other third parties (e.g. trade fair and training organisers, credit agencies, etc.). Furthermore, we process personal data that we have obtained from public sources (e.g. land registers, press, Internet) and are permitted to process.

Relevant personal data are among others: Customer and supplier master data (e.g. contact person, e-mail address, postal address, other contact data), billing data, contract data, advertising and sales data and other data comparable to the categories mentioned.

Purpose and legal basis of the data processing

We collect and process personal data for the following purposes:

  • Necessary for the fulfilment of a contract or the implementation of pre-contractual measures. The legal basis is Article 6 paragraph 1 lit. b) DSGVO.
  • Direct advertising for our own products or services. The legal basis is Article 6 para. 1 lit. f) DSGVO, whereby our legitimate interest is to provide you with information about our own products and services for the purpose of direct advertising.
  • Customer data analysis for the purpose of creating tailor-made product offers. The legal basis is Article 6 Paragraph 1 lit. f) DSGVO, whereby our legitimate interest is to continuously improve our own services and products and to be able to offer you tailor-made products in line with your needs.
  • Your personal data will only be processed for purposes other than those mentioned above if you have given us your consent to process them. The legal basis is Article 6 paragraph 1 lit. a) DSGVO.

Recipient of the data

Within our company, access to your data is granted to those entities that need it to fulfil our contractual and legal obligations. Our service managers and vicarious agents (contract processors as defined in Art. 4 No. 8 DSGVO) may also receive data for these purposes, provided that they maintain confidentiality and comply with our instructions under data protection law. These are essentially companies from the categories listed below: Credit agencies, debt collection, telephone, billing, printing and IT service providers, network operators, metering point operators and specialist companies. Your personal data will only be passed on to third parties if this is necessary to achieve the above-mentioned purposes.

Where data are transferred to a third country or to an international organisation

Your personal data will not be passed on to recipients outside the European Union or the European Economic Area (so-called third countries) or international organisations.

How long will my data be stored.

We process and store your personal data at least until the purpose for which it was collected has been achieved, generally for the duration of an existing contractual relationship. We will also store and process your postal address beyond the end of the existing business relationship for a maximum period of 24 months after termination of the business relationship for the purpose of direct advertising for some products. Your personal data will be deleted once the purpose has been achieved, provided that all mutual claims arising from the business relationship have been met and the temporary storage of the data is no longer required for the following purposes:

  • Compliance with commercial and tax law retention periods (this can be up to ten years from the end of the existing contractual relationship)
  • Preservation of evidence within the framework of the legal statute of limitations (in individual cases this can be up to 30 years, with the regular limitation period being three years)

Is there an obligation for me to provide data

Within the scope of our business relationship, you must provide us with the personal data required for the establishment and execution of a business relationship and the fulfilment of the associated contractual obligations. Without this data, we will generally have to refuse to conclude the contract or execute the order or will no longer be able to execute an existing contract and may have to terminate it.

To what extent is there automated decision making (including profiling)

As a matter of principle, we do not use a fully automated decision-making process in accordance with Article 22 of the DSGVO to establish and implement the business relationship. Should we use these procedures in individual cases, we will inform you of this separately.

Right of objection

You can object to the processing of your personal data for the purposes of direct advertising and/or market research at any time without giving reasons. After receipt of your objection, we will no longer process the personal data for the purposes of direct advertising and/or market research and will delete the data if processing is not required for other purposes (e.g. to fulfil the contract).

You can also object to other processing which we base on a legitimate interest within the meaning of Art. 6 Para. 1 f) DSGVO at any time by stating these reasons. In the event of a justified objection, we will in principle no longer process personal data for the purposes concerned and will delete the data unless we can prove compelling reasons for processing which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

The objection should be addressed directly to the company concerned:

  • Zeno Grundstücksverwaltungs-GmbH, Am Münster, 83435 Bad Reichenhall, Telefon: +49 8651 776-0, E-Mail: reichenhall@amber-hotels.de
  • Amber Hotel Plaza Betriebsgesellschaft mbH, Wildparkstraße 6, 09247 Chemnitz-Röhrsdorf, Telefon: +49 3722 513-0, E-Mail: chemnitz@amber-hotels.de
  • Econtel München Hotelbetriebsgesellschaft mbH, Bodenseestraße 227, 81243 München, Telefon: +49 89 87189-0, E-Mail: muenchen@econtel-hotels.de

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and according to statutory data protection regulations, as well as in accordance with this data protection declaration. When you use this website, various pieces of personal data are collected. Personal data is data by which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and to what purpose we collect data. We hereby point out that data transfer via the Internet (e.g. during communication by email) may involve gaps in security. Absolute protection of data against access by third parties is not possible.

Revocation of your consent to data processing

Many data processing processes are only possible with your express consent. You can withdraw already granted consent at any time. In order to withdraw consent, all that is required is that you send us an email. The lawfulness of the data processing that has taken place prior to revocation will remain unaffected by the revocation.

Right of appeal to the competent supervisory authority

In the case of data protection violations, the affected party has a right to appeal to the competent supervisory authority. The competent supervisory authority in matters pursuant to data protection law is the State Data Protection Officer of the Federal State in which our company has its head office. A list of the data protection officers and their contact details can be found via the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data that we automatically process on the basis of your consent or within the scope of the fulfilment of a contract issued to you or to a third party in a standard, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only take place insofar as is technically feasible.

SSL or TLS encryption

For security reasons and to protect confidential content, such as orders or queries that you send to us within our capacity as site operators, this site uses SSL or TLS encryption. You can recognise an encrypted connection in that the address bar of the browser changes from “http://” to “https://”, and by the lock symbol in your browser line. If SSL or TLS encryption is activated, then the data that you send to us cannot be read by third parties.

Encrypted payment transactions on this website

Following the conclusion of a fee-based contract, if there is an obligation to send us your payment details (e.g. account number with direct debit authorisation), this data will be required for the processing of payment. Payment transactions using standard means of payment (Visa/MasterCard, direct debit) take place exclusively via an encrypted SSL or TLS connection. You can recognise an encrypted connection in that the address bar of the browser changes from “http://” to “https://”, and by the lock symbol in your browser line. During encrypted communication, the payment details that you send to us cannot be read by third parties.

Access to, blocking and deletion of information

Within the scope of the applicable statutory provisions, you have the right to access your stored personal data at all times and at no cost, and to know its origin, recipients and the purpose of data processing, and if applicable you also have a right to demand the correction, blocking or deletion of this data. Questions regarding this and other matters relating to the topic of personal information can be submitted to us at any time using the address stated in the Legal Notice.

Note regarding external links

This website contains links to external websites of third parties, on whose content we have no influence. For this reason, no guarantee can be assumed for these external contents. The contents of external websites to which links are provided here do not reflect the opinion of the website operator, but are merely intended to provide information and present context. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal violations at the time of linking. At the time of linking, illegal contents were not discernible. A permanent control of the contents of the linked pages is not reasonable without concrete evidence of an infringement. As soon as we become aware of any legal infringements, we will remove such links immediately.

3. Data Protection Officer

Legally prescribed Data Protection Officer

We have appointed a data protection officer for our company.

Sascha Hasselbach
c/o EDV-Fortress
Kronprinzstr. 47-49
40764 Langenfeld

www.datenschutz-extern-nrw.de
Telefon: 021732041244
E-Mail: datenschutz@amber-hotels.de

4. Data recording on our website

Cookies

In some instances, our web pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies help us to make our website more user-friendly, efficient and secure. Cookies are small text files that are placed on your computer and that your browser stores. The majority of the cookies we use are so-called “session cookies”. They are deleted automatically when your visit is over. Other cookies remain saved on your end device until you delete them. These cookies allow us to recognise your browser the next time you visit us. You can configure your browser in such a way that you are informed of the placing of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or generally, and activate the automatic deletion of cookies when you close your browser. If cookies are disabled, the functionality of this website may be impaired. Cookies that are required in order to execute the electronic communication process or for the provision of certain desired features (e.g. shopping cart feature) are stored on the basis of Art. 6(1) (f) GDPR (General Data Protection Regulation). The website operator has a legitimate interest in the storing of cookies, with a view to ensuring the technically flawless and optimised provision of his services. Insofar as other cookies (e.g. cookies for the analysis of your browsing behaviour) are saved, these are addressed separately in this data protection declaration.

Cookie Consent with Borlabs Cookie

Our website uses Borlabs Cookie Content technology to obtain your consent to store certain cookies in your browser and to document this consent in a manner consistent with data protection. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consent you have given or the revocation of this consent. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you request us to delete it or until you delete the Borlabs cookie itself or until the purpose for which the data is stored no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing of Borlabs cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie content technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 Abs. 1 S. 1 lit. c DSGVO.

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser sends to us automatically. This includes:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not combined with data from other sources. The legal basis for the processing of this data is Art. 6(1) (f) GDPR. Our legitimate interest results from the following reasons for data collection: system security and stability.

Contact form

When you submit queries to us using the contact form, your details from the query form, including the contact details you provide there, will be stored by us for the purpose of the processing of the query and for the event of follow-up queries. We will not pass this data on without your consent. The data provided in the contact form will only be processed subject to your consent (Art. 6(1) (a) GDPR). You can withdraw this consent at any time. In order to withdraw consent, all that is required is that you send us an email. The lawfulness of the data processing that has taken place prior to the revocation shall remain unaffected by the revocation. The data you enter in the contact form will remain stored by us until you request that it be deleted, withdraw your consent to its being stored or until the purpose for which the data is being stored is no longer applicable (e.g. once your query has finished being processed). Mandatory statutory provisions – in particular storage terms – shall remain unaffected.

Job Applications

We process the data you have sent us in connection with your application the following responsible entity:

  • AMBER HOTEL BAVARIA Bad Reichenhall (Zeno Grundstücksverwaltungs-GmbH, Am Münster 3, 83435 Bad Reichenhall)
  • AMBER HOTEL Chemnitz Park (Amber Hotel Plaza Betriebsgesellschaft mbH, Wildparkstraße 6, 09247 Chemnitz-Röhrsdorf)
  • AMBER ECONTEL München (Econtel München Hotelbetriebsgesellschaft mbH, Bodenseestraße 227, 81243 München)

Purpose of data collection, processing or use and legal basis
We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other open positions in our company, if applicable) and to carry out the application procedure. The legal basis is §26 BDSG n.F.

Recipients or categories of recipients
Internal employees who are responsible for the applicant selection process.

Standard periods for the deletion of data
Data of applicants will be deleted after 6 months in case of rejection. If you change to an employment relationship with the responsible unit during the application process, the application documents will be added to the personnel file.

 

Processing of data (customer and contractual data)

We collect, process and use personal data only insofar as this is required for the establishment, definition with respect to content or amendment of the legal relationship (inventory data).

This takes place on the basis of Art. 6(1) (b) GDPR, which authorises the processing of data for the fulfilment of a contract or pre-contractual measures.

We only collect, process and use personal data provided through the use of our website (usage data) insofar as this is necessary to allow the user to avail of the service, or to bill him for it.

In order to process our online bookings, we use a service provided by Hotelnetsolutions GmbH (HNS), Genthiner Str. 8 in 10785 Berlin.

If you book or reserve a room online, then your personal data will be transmitted to “HNS”. 14 days after your departure, we will delete this personal data from the servers of Hotelnetsolutions GmbH.

The processing of the booking takes place on the basis of Art. 6(1) (b) GDPR, which authorises the processing of data for the fulfilment of a contract or pre-contractual measures. You also have the option to register during the booking process. The data entered there will also be stored by HNS and allows you to use the data you have entered for future bookings. For important changes, for example to the scope of the services offered or in the event that technical changes are required, we use the email address you have entered during registration to keep you informed.

The data entered during registration is processed subject to your consent (Art. 6(1) (a) GDPR). You can withdraw your granted consent at any time.

In order to withdraw consent, all that is required is that you send us an email. The lawfulness of the data processing that has already taken place shall remain unaffected by the revocation. The data recorded during registration will be stored by us for as long as you are registered with our website and thereafter will be deleted. Legal storage periods remain unaffected.

We have concluded a contract with HNS for order data processing.

Collected customer data will be deleted following the completion of the order or the termination of the business relationship. Legal storage periods remain unaffected.

5. Analytical tools and advertising

Google Tag Manager

We use “Google Tag Manager” on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (hereafter referred to as “Google”). Google Tag Manager allows us as marketers to manage web page tags from one interface. The Google Tag Manager tool that implements the tags is a cookie-free domain and does not collect personally identifiable information. Google Tag Manager triggers other tags that may collect data under certain circumstances. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain effective for all tracking tags implemented with Google Tag Manager.

Google has now submitted to and is certified according to the Privacy Shield Agreement between the European Union and the United States. As a result, Google agrees to comply with the standards and regulations of European data protection law. You can find additional information in the following linked entry: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

More information about data protection can be found on Google’s following websites:

etracker

Our website uses the analysis service etracker. The provider is etracker GmbH, Erste Brunnenstrafle 1, 20459 Hamburg, Germany. User profiles can be created from the data under pseudonyms. Cookies may be used to this end. Cookies are small text files that are stored in the visitor’s local browser cache. They make it possible for your browser to be recognised again. The data compiled with the etracker technologies will not be used to personally identify visitors to this website and will not be associated with personal data regarding the bearer of the pseudonym without the express permission of the respective individual.

etracker cookies remain on your end device until you delete them.

The storage of etracker cookies takes place on the basis of Art. 6(1) (f) GDPR. The website operator has a legitimate interest in the analysis of user behaviour, in order to optimise both his website and his advertising.

You can object to the collection and storage of date at any time with future effect.

To object to the collection and storage of your user data with future effect you can acquire an opt-out cookie from etracker via the following link. This will ensure that in future no visitor data from your browser will be collected and stored by etracker: https://www.etracker.de/privacy?et=V23Jbb.

An opt-out cookie with the name “cntcookie” from etracker will thus be placed on your computer. Please do not delete this cookie if you wish to maintain your objection. You can find more information on this in etracker’s privacy policy: https://www.etracker.com/de/datenschutz.html.

Browser Notifications

If browser notifications for this website are activated via the “signalize” service by you, a function of your Internet browser is used to provide the notifications. Only anonymous or pseudonymous data is transmitted for the purpose of sending messages. These can include the following, depending on the configuration of the website:

  • Pseudonymous User ID: a randomly generated value (example: 108bf9a85547edb1108bf9a85547edb1) stored in a tracking cookie ID
  • Pseudonymous digital fingerprints, pseudonymous mobile device codes and where required pseudonymous Cross-Device Identifiers

This information will only be used to deliver the notifications you have subscribed to and to configure notification-related settings. We ask for your consent to store this data. The legal basis for data processing in this case is Art. 6 Para. 1 lit. a GDPR. You can object to the receipt of notifications at any time via the settings of your browser. Information about unsubscribing to Web Push notifications for the respective browsers can be found here. You can unsubscribe on your mobile device directly in your device settings for the app or wallet card.

In order to be able to design the browser notifications in a way that makes sense for you in terms of content, we use the preferences collected on the basis of a pseudonymous user profile by means of tracking pixels and combine your notification ID with the user profile of the website for the sole purpose of sending personalised messages. Tracking technology is also used for the statistical evaluation of notifications on our behalf. In this way it can be determined whether a notification has been delivered and whether it has been clicked. The data generated as a result is processed and saved on our behalf by etracker GmbH exclusively in Germany and is thus subject to strict German and European data privacy laws and standards. etracker has been independently audited and certified in this respect and is entitled to bear the data privacy seal ePrivacyseal to bear.

Data processing for the statistical analysis of the notifications and also to allow us to better adapt future notifications to the interests of the recipients is based on our legitimate interest in personalised direct advertising pursuant to Art. 6 Para. 1 lit. f GDPR. Since the privacy of our visitors is very important to us, the data that may allow a reference to an individual person, such as the IP address, login or device IDs, is anonymised or pseudonymised as soon as possible. The possibility to link the information to a specific person is thus excluded. The data is not used for other purposes or passed on to third parties.

You can object to the data processing described above at any time.

Conclusion of a contract regarding the processing of order data

We have concluded a contract with etracker concerning the processing of order data and fully comply with the strict provisions issued by the German Data Protection Authorities when using etracker.

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on this website, we require that you provide an email address as well as information enabling us to check that you are the holder of the email address indicated and your consent to the receipt of the newsletter. No other data will be collected, or such data will only be collected on a voluntary basis. We will only use this data to send you the required information and will not forward it to third parties. The processing of the data entered in the newsletter registration form will only take place on the basis of your consent (Art. 6(1) (a) GDPR). Your issued consent to the storage of your data, your email address and its use for the sending of the newsletter can be withdrawn at any time, for instance using the “Unsubscribe” link in the newsletter. The lawfulness of the data processing that has taken place prior to the revocation shall remain unaffected by the revocation.

The data you store with us for the purpose of the newsletter subscription will be stored by us until you unsubscribe from the newsletter, at which point it will be deleted. Data that we hold stored for other purpose (e.g. email addresses for the membership area) shall remain unaffected.

Please understand that for legal reasons our newsletter may only be subscribed to by persons over the age of 16 years.

empaction

This website uses the technical platform of empaction GmbH for sending newsletters. Provider is empaction GmbH, Marktstrasse 33-35, 60388 Frankfurt am Main, Germany.

empaction is a technology provider with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of receiving newsletters is stored on empaction’s servers in Germany.

If you do not want empaction to analyze your data, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

Data analysis by empaction

For the purpose of analysis, the emails sent with empaction contain a so-called “tracking pixel”, which connects to empaction’s servers when the email is opened and allows personalized tracking. In this way, it can be determined whether a newsletter message has been opened.

Furthermore, with the help of empaction, we can determine whether and which links in the newsletter message are clicked. All links in the e-mail are so-called tracking links, with which your clicks can be counted.

You can find more information at https://empaction.com/de/start.html and https://empaction.com/de/wissen.html.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation. You give your consent for the following Amber partner hotels:

  • AMBER HOTEL BAVARIA Bad Reichenhall (Zeno Grundstücksverwaltungs-GmbH, Am Münster 3, 83435 Bad Reichenhall)
  • AMBER HOTEL Chemnitz Park (Amber Hotel Plaza Betriebsgesellschaft mbH, Wildparkstraße 6, 09247 Chemnitz-Röhrsdorf)
  • AMBER ECONTEL München (Econtel München Hotelbetriebsgesellschaft mbH, Bodenseestraße 227, 81243 München)

storage period

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of empaction after you unsubscribe from the newsletter.

Conclusion of a contract for order data processing

We have concluded a contract with empaction in which we oblige empaction to protect our customers’ data and not to pass it on to third parties.

Sendinblue

This website uses Sendinblue to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Sendinblue is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of receiving the newsletter is stored on Sendinblue’s servers in Germany.

Data analysis by Sendinblue

With the help of Sendinblue, it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In this way, we can determine, among other things, which links were clicked on particularly often.
In addition, we can see whether certain previously defined actions were performed after opening/clicking (conversion rate). For example, we can see whether you have made a purchase after clicking on the newsletter.

Sendinblue also allows us to subdivide (“cluster”) newsletter recipients based on various categories. In doing so, newsletter recipients can be subdivided by age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.

If you do not want Sendinblue to analyze your newsletter, you must unsubscribe. For this purpose, we provide a corresponding link in every newsletter message.

For detailed information on the Sendinblue functions, please refer to the following link: https://de.sendinblue.com/newsletter-software/.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation. You give your consent for the following Amber partner hotels:

  • AMBER HOTEL BAVARIA Bad Reichenhall (Zeno Grundstücksverwaltungs-GmbH, Am Münster 3, 83435 Bad Reichenhall)
  • AMBER HOTEL Chemnitz Park (Amber Hotel Plaza Betriebsgesellschaft mbH, Wildparkstraße 6, 09247 Chemnitz-Röhrsdorf)
  • AMBER ECONTEL München (Econtel München Hotelbetriebsgesellschaft mbH, Bodenseestraße 227, 81243 München)

Storage period

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

For more details, please refer to Sendinblue’s privacy policy at: https://de.sendinblue.com/datenschutz-uebersicht/.

Conclusion of a contract for order processing

We have concluded a contract with Sendinblue in which we oblige Sendinblue to protect our customers’ data and not to pass it on to third parties.

7. Plugins and tools

YouTube

Our website uses plugins from Google’s YouTube site. The site is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our YouTube-enabled pages, you will be connected to YouTube’s servers. The Youtube server is informed which of our pages you have visited. When you are logged in to your YouTube account, you enable YouTube to map your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of providing an appealing presentation of our online services. This constitutes a legitimate interest as defined in Art. 6(1) (f) GDPR. Further information on the handling of user data can be found in YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy.

Google Web Fonts (local hosting)

This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

Further information about Google Web Fonts can be found at

https://developers.google.com/fonts/faq and in the privacy policy of Google: https://policies.google.com/privacy?hl=de.

8. Social networks

Data processing by social networks

We maintain publicly available profiles on social networks. You will find a list of the social networks we use below.
Social networks such as Facebook, Google+ etc. can generally analyse user behaviour comprehensively when their website or a website with integrated social media content (such as buttons or advertising banners) is accessed. When you visit our social media pages, numerous data protection-relevant processing operations are triggered.

In detail:
If you are logged on to your social media account and visit our social media pages, the operator of the social media platform can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media platform. In this case, the data is collected, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media platforms can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed inside and outside the respective social media pages. If you have an account with the relevant social network, interest-based advertising can be displayed on all devices on which you are logged in or were logged in.

Please also note that we cannot track all processing on the social media platforms. Depending on the provider, the operators of the social media platforms may be able to carry out further processing operations. Details can be found in the terms of use and privacy policies of the respective social media platforms.

Legal basis

Our social media sites are designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be stated by the operators of the social networks (for example consent pursuant to Art. 6 (1) (a) GDPR).

Controller and assertion of rights

If you visit one of our social media pages (such as Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can exercise your rights (to information, correction, deletion, restriction of processing, data portability and to lodge a complaint) both with us as well as with the operator of the respective social media platform (for example with Facebook).

Please note that despite our joint responsibility with the social media platform operators, we do not have full control over the data processing operations of the social media platforms. Our possibilities depend to a large extent on the corporate policy of the respective provider.

Retention period

The data collected directly from us via the social media pages will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular legal retention periods – remain unaffected.

We have no influence on the retention period of your data, which is stored by the social network operators for their own purposes. For details, please contact the operators of the social networks directly (for example in their privacy policy, see below).

Social networks in detail

Facebook
We have a profile on Facebook. Provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.

We have concluded an agreement with Facebook on a joint responsibility for the processing of data (Controller Addendum). This Agreement sets out the data processing operations that we or Facebook are responsible for when you visit our Facebook fan page.

You can view this agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum

You can adjust your advertisement settings independently in your user account. Click on the following link and log in:
https://www.facebook.com/settings?tab=ads

Further information can be found in the Facebook privacy policy:
https://www.facebook.com/about/privacy/

ContactClose
Any questions?
Scroll to top