General information
The following information is designed to give you a simple overview of what will happen to your personal data when you visit our website. The term “personal data” is used below to refer to any data with which you can be personally identified. You can find detailed information on data protection in our privacy policy below.
Data collection on our website
Who is responsible for the collection of data on this website?
The data processing on this website is performed by the website operator, whose contact details can be found in our legal notice.
How will we collect your data?
Some of the data we collect will be provided by you. This may include data that you enter in a contact form.
Other data will be automatically collected by our IT systems when you visit our website. This particularly includes technical data (e.g. your Internet browser, operating system or the time of your visit). This data will be collected automatically as soon as you enter our website.
What will we use your data for?
Some of your data will be collected to ensure that our website is delivered correctly. Other data may be used to analyse your user behaviour.
What rights do you have with regard to your data?
You have the right to obtain free information about the source, recipients and purpose of your stored personal data at any time. You also have the right to request the rectification, blocking or erasure of your data. If you have any questions about the information provided on this page or any other aspects of data protection, please contact us by referring to the details indicated in our legal notice. Furthermore, you are entitled to lodge a complaint with the competent supervisory authority.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. For more details, please refer to the section on your right to the restriction of processing in our privacy policy.
Analytical and third-party tools
Your surfing habits may be statistically evaluated when you visit our website. This will mainly be done using cookies and analysis programmes. As this analysis is usually anonymous, it will not be possible to trace your surfing habits back to you.
You can object to this analysis or prevent it by not using certain tools. You can find more detailed information on such tools and your right to object in the privacy policy below.
Data protection
We find it very important to protect your personal data. We will treat your personal data confidentially in accordance with the applicable data protection regulations and this privacy policy. Various forms of personal data will be collected when you use this website. The term “personal data” is used below to refer to any data with which you can be personally identified. The aim of this privacy policy is to make you aware of the data that will be collected when you visit our website and to explain how we will use this data. We will also provide more information on the purposes of our data processing. Please note that data transferred via the Internet (e.g. email communication) may be affected by security issues. Data cannot be completely protected against third-party access.
Information on the controller
The party responsible for data processing (“controller”) on this website is:
Hotel Dreyer -garni- Marco Dreyer
Tel.: +49 5424 21900
Email: info@hotel-dreyer.de
The “controller” is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, email addresses).
Right to withdraw your consent to data processing
Many data processing operations are only possible with your express consent. You may withdraw your consent at any time. You can do this by notifying us informally by email. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time.
Right to object to data collection in particular cases and direct marketing (Art. 21 GDPR)
If your personal data is being processed on the basis of point (e) or (f) of Art. 6 (1) GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, including any profiling based on those provisions. The relevant legal basis for each type of processing can be found in this privacy policy. If you file an objection, we will only continue to process your personal data if we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or if your personal data is processed for the establishment, exercise or defence of legal claims (right to object pursuant to Art. 21 (1) GDPR).
If your personal data is being processed for direct marketing, you may always object to the processing of your personal data for such purposes, including any profiling related to such direct marketing. If you object, we will no longer use your personal data for direct marketing purposes (right to object pursuant to Art. 21 (2) GDPR).
Right to lodge a complaint with the competent supervisory authority
If the provisions of the GDPR are ever breached, you have the right to lodge a complaint with a data protection supervisory authority, particularly in the Member State of your habitual place of residence / work or the location of the alleged breach. Even after lodging a complaint, you reserve the right to seek other forms of administrative or judicial remedy. A list of the data protection supervisory authorities and their contact details can be found here: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html (Germany) and https://www.dsb.gv.at/ueber-die-website/kontakt.html (Austria).
Right to data portability
If we are processing your data by automated means on the basis of your consent or for the performance of a contract, you may ask for this data to be returned to you or transferred to a third party in a commonly used, machine-readable format. If you ask for your data to be transferred directly to another controller, we will only be able to honour your request if it is technically feasible.
SSL and TLS encryption
This site uses SSL and TLS encryption to ensure security and protect the transmission of sensitive data, such as any orders or enquiries that you send to the website operator. You can tell whether an encrypted connection has been established, as your browser’s address bar will have changed from “http://” to “https://” and a padlock symbol will be displayed in your browser bar.
If SSL or TLS encryption is enabled, third parties will not be able to intercept any data you send us.
Encrypted payments
If you are obliged to send us your payment details after entering into a fee-based contract with us (e.g. account number for direct debit), this data will be required to process your payment(s). All transactions involving common means of payment (Visa / MasterCard, direct debit) will always be carried out via an encrypted SSL or TLS connection. You can tell whether an encrypted connection has been established, as your browser’s address bar will have changed from “http://” to “https://” and a padlock symbol will be displayed in your browser bar. If our communication is encrypted, third parties will not be able to intercept any payment details you send us.
Access, blocking, erasure and rectification
In accordance with the applicable legal provisions, you have the right to obtain free information on your stored personal data, as well as its source, recipients and the purpose of processing at any time; if applicable, you may also request the rectification, blocking or erasure of your data. If you have any questions about the information provided on this page or any other aspects of personal data, please contact us by referring to the details indicated in our legal notice.
Right to the restriction of processing
You have the right to request the restriction of the processing of your personal data. To do this, please contact us by referring to the details indicated in our legal notice. You may request the restriction of processing in the following cases:
If the processing of your personal data has been restricted, it may only be processed (with the exception of storage) with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.
Objection to advertising emails
The contact details published in accordance with our obligation to provide a legal notice must not be used for the purpose of sending unsolicited advertising and information. We explicitly reserve the right to take legal action if we are sent unsolicited advertising (e.g. spam emails).
Cookies
Cookies are used on some of our web pages. They do not contain any viruses and will not cause any harm to your computer. Cookies help to make our website safer, more user-friendly and more efficient. They are small text files that will be saved by your browser and stored on your computer.
Most of the cookies we use are “session cookies”, which will be automatically deleted at the end of your visit. Other cookies will remain stored on your device until you delete them, allowing us to recognise your browser the next time you visit our website.
You can change your browser settings so that you receive a notification whenever cookies are about to be stored on your device. You can configure your browser to only allow cookies in specific cases or to reject cookies – either in certain cases or in general – and you can allow cookies to be automatically deleted whenever you close your browser. If you disable cookies, however, you might not be able to use all features of this website.
Any cookies that are necessary for electronic communication processes or for providing certain features you request (e.g. shopping cart) will be stored on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in storing cookies to optimise our services and eliminate any technical faults. If any other cookies are stored (e.g. to analyse your surfing habits), they will be covered separately in this privacy policy.
Server log files
We will automatically collect and store certain information in “server log files”, which your browser will automatically send to us. The following information will be collected and stored:
This data will not be merged with any other data sources. This data will be collected on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in ensuring the technically faultless presentation and optimisation of our website, and the server log files must be compiled for this purpose.
Contact form
If you send us an enquiry via the contact form, the information you provide – including your contact details – will be stored to enable us to process and respond to your enquiry. We will not share this data without your consent. We will only ever process the data you enter in the contact form with your consent (point (a) of Art. 6 (1) GDPR). You may withdraw your consent at any time. You can do this by notifying us informally by email. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time. We will retain your data entered in the contact form until you request its deletion, until you withdraw your consent to its storage, or until the purpose for which your data was collected no longer applies (e.g. once your enquiry has been fully processed). We reserve the right to comply with mandatory legal provisions, particularly retention periods.
Email, telephone or fax enquiries
If you contact us by email, telephone or fax, we will save and process your enquiry, including any personal data contained therein (e.g. name), to deal with your request. We will not share this data without your consent.
If your enquiry concerns the performance of a contract or pre-contractual measures, your data will be processed on the basis of point (b) of Art. 6 (1) GDPR. In all other cases, the processing will be based on your consent (point (a) of Art. 6 (1) GDPR) and/or our legitimate interest (point (f) of Art. 6 (1) GDPR), as we have a legitimate interest in effectively handling any enquiries addressed to us.
We will retain your data entered in the contact form until you request its deletion, until you withdraw your consent to its storage, or until the purpose for which your data was collected no longer applies (e.g. once your enquiry has been fully processed). We reserve the right to comply with mandatory legal provisions, particularly statutory retention periods.
Registering on our website
You can register on our website to unlock additional features. We will process the data you enter during registration exclusively for the purpose of allowing you to use the services for which you have registered. You will have to provide all mandatory information requested during registration. Otherwise, you will not be able to register.
We will inform you of any important changes (e.g. to our range of services or technically necessary changes) using the email address you provide during registration.
We will only ever process the data you enter during registration with your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time. You can do this by notifying us informally by email. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time.
We will store the data collected during registration for as long as you remain registered on our website; the data will be deleted when you are no longer registered. However, we reserve the right to comply with the statutory retention periods.
Data processing (customer and contract data)
We will only collect, process and use your personal data if this is necessary for the establishment, development or amendment of a legal relationship (master data). This will be done on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures. We will only collect, process and use your personal data regarding your use of our website (usage data) to the extent necessary to enable you to use the service or for billing purposes.
Your customer data will be deleted at the end of the order or business relationship. However, we reserve the right to comply with the statutory retention periods.
Data transferred when entering into contracts (online shops, retailers and shipping)
We will only send your data to third parties if this is necessary to perform the contract (e.g. to the company tasked with delivering the goods or to the bank instructed to process the payment). Otherwise, your data will not be passed on to third parties unless you give your explicit consent (e.g. for advertising purposes).
Your data will be processed on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures.
Data transferred when entering into contracts (services and digital content)
We will only send your data to third parties if this is necessary to perform the contract (e.g. to the bank commissioned to process the payment). Otherwise, your data will not be passed on to third parties unless you give your explicit consent (e.g. for advertising purposes). Your data will be processed on the basis of point (b) of Art. 6 (1) GDPR, which allows data to be processed for the performance of a contract or pre-contractual measures.
Registering with Facebook Connect
Instead of registering directly on our website, you can register with Facebook Connect. This is a service provided by Facebook Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland).
If you decide to register with Facebook Connect and click on the “Log in with Facebook” / “Connect with Facebook” button, you will be automatically redirected to the Facebook platform so that you can enter your Facebook log-in details. This will link your Facebook profile to our website or services, enabling us to access your data stored on Facebook. This mainly includes:
This data will be used to set up, provide and personalise your account.
If you register with Facebook Connect, the associated data processing will be based on your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time with future effect.
You can find more information in Facebook’s privacy policy and terms of service: https://de-de.facebook.com/about/privacy/ and https://de-de.facebook.com/legal/terms/.
Comments function on this website
If you use the comments function on this website, we will store the content of your comments in addition to the time of your comments, your email address and your chosen username (unless you post anonymously).
Storage of IP address
If you post any comments, our comments function will store your IP address. As we do not check comments on our website before they are posted, we need this data so that we can take action against anyone who posts unlawful content (e.g. insults or propaganda).
Subscribing to comments
As a website user, you can subscribe to comments. Once you have registered, you will receive a confirmation email to verify that you are the owner of the email address provided. You can unsubscribe from this feature at any time by clicking on the relevant link in the info emails. If you unsubscribe, any data you entered when subscribing to comments will be deleted; if you have provided us with this data for other purposes or elsewhere (e.g. newsletter subscription), it will remain with us.
Retention of comments
Your comments and the associated data (e.g. IP address) will be stored and will remain on our website until the content on which you comment has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments).
Legal basis
Your comments will be stored on the basis of your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time. You can do this by notifying us informally by email. If you withdraw your consent, this will have no bearing on the lawfulness of any data processing performed up to that point.
Google Fonts
This website uses Google Fonts to ensure a uniform typeface. Google Fonts are installed locally; no connection will be established to the Google servers.
Google Maps
This website uses Google Maps via an API. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Your IP address must be stored to enable the use of Google Maps. This information will usually be transferred to a Google server in the USA and stored there. We have no control over this data transfer.
We use Google Maps on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in creating a visually appealing website and in making the places mentioned on our website easy to find.
For more information on how your user data will be used, please refer to Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Adobe Fonts
Our website uses certain Adobe Fonts to ensure a uniform typeface. This is a service provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (“Adobe”).
When you visit our website, your browser will load the required fonts straight from Adobe so that they can be displayed correctly on your device. To do this, your browser will establish a connection to the Adobe servers in the USA. Adobe will then be informed that our website has been accessed from your IP address. According to Adobe, no cookies will be stored on your device when the fonts are provided.
Adobe is certified under the EU-US Privacy Shield. This is an agreement between the United States of America and the European Union intended to ensure compliance with European data protection standards. You can find more detailed information here: https://www.adobe.com/de/privacy/eudatatransfers.html.
We use Adobe Fonts on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring a uniform typeface on our website.
You can find more information about Adobe Fonts here: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.
You can find Adobe’s privacy policy here: https://www.adobe.com/de/privacy/policy.html.
YouTube in Privacy Enhanced Mode
Our website features plug-ins from YouTube. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
We use YouTube in “Privacy Enhanced Mode”. According to YouTube, this mode ensures that your information will not be stored by YouTube until you watch a video on our website. However, the fact that we use YouTube in Privacy Enhanced Mode does not necessarily mean that your data will not be passed on to YouTube affiliates. YouTube will always establish a connection to the Google DoubleClick network, regardless of whether you actually watch a video.
As soon as you start playing a YouTube video on our website, a connection will be established to the YouTube servers. As a result, YouTube will find out which of our web pages you have visited. If you have a YouTube account and are logged in, YouTube will be able to match your surfing habits directly to your personal account. You can prevent this by logging out of your YouTube account.
Once you start playing a video, YouTube will also be able to store various cookies on your device, which will enable YouTube to obtain information about you. This information will be used, for example, to record video statistics, to improve user-friendliness and to prevent fraudulent activities. The cookies will remain on your device until you delete them.
Once you start playing a YouTube video, further data processing operations may also be triggered; we have no control over such processing.
We use YouTube on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring the appealing presentation of our website.
You can find more information about YouTube’s data protection practices in its privacy policy: https://policies.google.com/privacy?hl=de.
Vimeo
Our website features plug-ins from Vimeo. This is a service provided by Vimeo Inc. (555 West 18th Street, New York, New York 10011, USA).
Whenever you visit one of our web pages featuring a Vimeo plug-in, a connection will be established to the Vimeo servers. As a result, Vimeo will find out which of our web pages you have visited. Vimeo will also obtain your IP address (even if you are logged out of your Vimeo account or do not have an account). The information collected by Vimeo will be sent to the Vimeo server in the USA.
If you have a Vimeo account and are logged in, Vimeo will be able to match your surfing habits directly to your personal account. You can prevent this by logging out of your Vimeo account.
We use Vimeo on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring the appealing presentation of our website.
For more information on how your user data will be used, please refer to Vimeo’s privacy policy: https://vimeo.com/privacy.
SoundCloud
Some of our web pages may feature plug-ins from SoundCloud. This is a social network provided by SoundCloud Limited (Berners House, 47-48 Berners Street, London W1T 3NF, United Kingdom). You can recognise these plug-ins by the SoundCloud logo on the relevant pages.
If you activate one of the plug-ins on our website, a direct connection will be established between your browser and the SoundCloud server. As a result, SoundCloud will be informed that our website has been visited from your IP address. You can share the content of our pages and/or link it to your SoundCloud profile by clicking the “Share” or “Like” button while you are logged in to your SoundCloud user account. If you do this, SoundCloud will be able to see that you have visited our website via your user account. As the provider of the pages, we do not know exactly which data will be transferred or how it will be used by SoundCloud.
We use SoundCloud on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
You can find more information in SoundCloud’s privacy policy: https://soundcloud.com/pages/privacy.
If you do not want SoundCloud to see that you have visited our website via your SoundCloud user account, you should log out of your SoundCloud user account before activating the SoundCloud plug-in content.
Spotify
Some of our web pages feature plug-ins from Spotify. This is a music streaming service provided by Spotify AB (Birger Jarlsgatan 61, 113 56 Stockholm, Sweden). You can recognise the Spotify plug-ins by the green logo on the relevant pages. You can find an overview of the Spotify plug-ins here: https://developer.spotify.com.
If you activate one of the plug-ins on our website, a direct connection will be established between your browser and the Spotify server. As a result, Spotify will be informed that our website has been visited from your IP address. You can link the content of our pages to your Spotify profile by clicking the Spotify button while you are logged in to your Spotify account. If you do this, Spotify will be able to see that you have visited our website via your user account.
This data processing is based on point (f) of Art. 6 (1) GDPR; we have a legitimate interest in giving our website an appealing acoustic design.
You can find more information in Spotify’s privacy policy: https://www.spotify.com/de/legal/privacy-policy/.
If you do not want Spotify to see that you have visited our website via your Spotify user account, you should log out of your Spotify user account.
Zendesk
We use a CRM system known as “Zendesk” to deal with user enquiries. This is a service provided by Zendesk, Inc. (1019 Market Street, San Francisco, CA 94103, USA).
We use Zendesk on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in dealing with your enquiries quickly and efficiently.
Zendesk is certified under the EU-US Privacy Shield, which means that the provider is committed to complying with EU data protection law. We have also entered into a data processing agreement (DPA) with Zendesk to ensure that the provider always processes user data in accordance with EU data protection standards and does not pass it on to third parties.
When submitting an enquiry, you can choose to only provide your email address and leave out your name.
If you do not want us to process your enquiry via Zendesk, you can alternatively communicate with us by email, telephone or fax.
You can find more information in Zendesk’s privacy policy: https://www.zendesk.de/company/customers-partners/privacy-policy/.
Google reCAPTCHA
We use “Google reCAPTCHA” on our website (“reCAPTCHA”). This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
reCAPTCHA is used to check whether data is entered on our website (e.g. in a contact form) by a human or an automated programme. To do this, reCAPTCHA will analyse various aspects of your user behaviour. This analysis will start automatically as soon as you enter the website. reCAPTCHA’s analysis will be based on various pieces of information (e.g. your IP address, the amount of time you spend on the website, mouse movements). The data collected during the analysis will be passed on to Google.
reCAPTCHA will run its analyses completely in the background. You will not be informed that analysis is taking place.
This data processing is based on point (f) of Art. 6 (1) GDPR; we have a legitimate interest in protecting our online services from abusive automated spying and spam.
For more information about Google reCAPTCHA and Google’s privacy policy, please click on the following links: https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/intro/v3.htmll.
YourRate widget
We have integrated a widget for customer reviews on our website. General information about widgets is available here: https://de.wikipedia.org/wiki/Widget.
The widget we use is implemented on our website by yourrate.com. This service is provided by a subcontractor hired by our own provider: Euroweb Internet GmbH (Hansaallee 299, D-40549 Düsseldorf). We have entered into the relevant agreements with our processor, and our processor has done the same with its sub-processor. You can find more details about data processing in YourRate’s general terms and conditions: https://www.yourrate.com/de/agb.
YourRate requests data via the review widget on our website. If you access the widget, your device will establish a connection to the YourRate servers via the browser you are using. This will mainly result in the collection of your IP address. This data will not be merged with any other data sources. Your IP address must be temporarily stored by the system; this is technically necessary to enable the website and widgets to be delivered to your device. You will not be tracked, and no statistical evaluations will be carried out.
Integration of social media content
We have implemented a tool to integrate social media content on our website. This tool is provided by the Curator Group (69 Ruthven Street, Bondi Junction, NSW 2022, Australia). You can find more details about the data processing related to this service in the provider’s privacy policy: https://curator.io/privacy-policy. We have implemented the tool in accordance with point (f) of Art. 6 (1) GDPR; we have a legitimate interest in creating a more user-friendly website and in enabling the integration of social media posts.
Social media plug-ins with Shariff
Our website features plug-ins from various social networks (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognise the plug-ins by the relevant social media logos. In order to ensure data protection on our website, we only ever use these plug-ins in combination with a solution known as “Shariff”. This application will prevent the plug-ins integrated on our website from sending data to the respective providers as soon as you enter the website.
You will only establish a direct connection to the provider’s server when you activate one of its plug-ins by pressing the relevant button (consent). As soon as you activate a plug-in, the relevant provider will be informed that our website has been visited from your IP address. If you do this while you are logged in to a social media account with that provider (e.g. Facebook), the provider will be able to see that you have visited our pages via your user account.
If you activate a plug-in, you will be deemed to have given your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time with future effect.
Facebook plug-ins (“Like” and “Share” button)
Our website features plug-ins from Facebook. This is a social network provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). You can recognise the Facebook plug-ins by the Facebook logo or “Like” button on our website. You can find an overview of the Facebook plug-ins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
If you activate one of the plug-ins on our website, a direct connection will be established between your browser and the Facebook server. As a result, Facebook will be informed that our website has been visited from your IP address. You can link the content of our pages to your Facebook profile by clicking the Facebook “Like” button while you are logged in to your Facebook account. If you do this, Facebook will be able to see that you have visited our website via your user account. As the provider of the pages, we do not know exactly which data will be transferred or how it will be used by Facebook. You can find more information in Facebook’s privacy policy: https://de-de.facebook.com/privacy/explanation.
If you do not want Facebook to see that you have visited our website via your Facebook user account, you should log out of your Facebook user account. We use the Facebook plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
Use of juicer.io
We have implemented a tool to integrate social media content on our website. This tool is provided by saas.group LLC (304 S. Jones Blvd #1205, Las Vegas NV 89107, USA). You can find more details about the data processing related to this service in the provider’s privacy policy: https://www.juicer.io/privacy. We have implemented the tool in accordance with point (f) of Art. 6 (1) GDPR; we have a legitimate interest in creating a more user-friendly website and in enabling the integration of social media posts.
Twitter plug-in
Some of our web pages feature plug-ins from Twitter. This is a service provided by Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA). If you use Twitter and the “re-tweet” function, the websites you visit will be linked to your Twitter account and shared with other users. As a result, data will be sent to Twitter. As the provider of the pages, we do not know exactly which data will be transferred or how it will be used by Twitter. You can find more information in Twitter’s privacy policy: https://twitter.com/de/privacy.
We use the Twitter plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media. You can change your Twitter privacy settings via your account settings: https://twitter.com/account/settings.
Google+ plug-in
This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Collection and disclosure of information: You can use the Google+ button to post information all over the world. The Google+ button will be used to provide you and other users with personalised content from Google and our partners. Google will store the fact that you have recommended content by clicking +1, as well as information about the page you were viewing when you clicked +1. Any +1 recommendations you give may be displayed as references – together with your profile name and photo – in Google services (e.g. in search results or your Google profile) or elsewhere on websites and ads across the web.
Google will record information about your +1 activities to improve its services for you and others. In order to use the Google+ button, you will need a globally visible, public Google profile that must at least include the name chosen for your profile. This name will be used in all Google services. In some cases, this name may also replace any other name you may have used when sharing content via your Google account. The identity of your Google profile can be shown to users who know your email address or have any other information that can be used to identify you.
Use of the information collected: In addition to the purposes of processing described above, the information you provide will be used according to Google’s privacy policy. Google may publish aggregated statistics about users’ +1 activities or share them with its users and affiliates (e.g. publishers, advertisers or its affiliated websites). We use the Google+ plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
Instagram plug-in
Some of our web pages feature plug-ins from Instagram. These features are provided by Instagram Inc. (1601 Willow Road, Menlo Park, CA, 94025, USA).
You can link the content of our pages to your Instagram profile by clicking the Instagram button while you are logged in to your Instagram account. If you do this, Instagram will be able to see that you have visited our website via your user account. As the provider of the pages, we do not know exactly which data will be transferred or how it will be used by Instagram.
We use the Instagram plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
You can find more information in Instagram’s privacy policy: https://instagram.com/about/legal/privacy/.
Tumblr plug-in
Our website uses buttons from Tumblr. This is a service provided by Tumblr, Inc. (35 East 21st St, 10th Floor, New York, NY 10010, USA).
These buttons allow you to share a post or page on Tumblr or to follow the provider on Tumblr. If you access one of our web pages containing a Tumblr button, your browser will establish a direct connection to the Tumblr servers. We have no control over the type and amount of data that Tumblr may collect and transmit using the plug-in. As far as we are aware, Tumblr will transmit your IP address and the URL of the relevant web page.
We use the Tumblr plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
You can find more information in Tumblr’s privacy policy: https://www.tumblr.com/privacy/de.
LinkedIn plug-in
Our website uses features of the LinkedIn network. This is provided by the LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA).
Whenever you access any of our web pages containing LinkedIn features, you will establish a connection to the LinkedIn servers. As a result, LinkedIn will be informed that our website has been visited from your IP address. If you click the “Recommend” button while you are logged in to your LinkedIn account, LinkedIn will be able to see that you have visited our website via your user account. As the provider of the pages, we do not know exactly which data will be transferred or how it will be used by LinkedIn.
We use the LinkedIn plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
You can find more information in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
XING plug-in
Our website uses features of the XING network. This is a service provided by XING AG (Dammtorstraße 29-32, 20354 Hamburg, Germany).
Whenever you access any of our web pages containing XING features, you will establish a connection to the XING servers. As far as we are aware, your personal data will not be stored. In particular, your IP address will not be stored and your user behaviour will not be analysed.
We use the XING plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
You can find more information about data protection and the “Share” button in XING’s privacy policy: https://www.xing.com/app/share?op=data_protection.
Pinterest plug-in
Our website features social plug-ins from Pinterest. This is a social network provided by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA (“Pinterest”).
If you access a page containing such a plug-in, your browser will establish a direct connection to the Pinterest servers. The plug-in will then send log data to the Pinterest server in the USA. This log data may include your IP address, the address of the pages you visit that also contain Pinterest features, your browser type and settings, the date and time of your request, the way in which you use Pinterest, and cookies.
We use the Pinterest plug-in on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring that we stand out as much as possible on social media.
For more information as to why and to what extent Pinterest will process and use your data, as well as more details on your rights and settings to safeguard your privacy, please refer to Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.
Hotjar
This website uses Hotjar. This is a tool provided by Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
By using Hotjar, we will be able to analyse your user behaviour on our website. For example, we will be able to record your mouse movements, scrolls and clicks. Hotjar will also be able to determine how long your cursor hovers over a certain area. Hotjar will use this information to create “heat maps”, allowing us to establish which areas of our website are visited most.
In addition, we will be able to see how long you stay on a certain page and when you leave it. We will also be able to determine the point at which you stop entering information into a contact form (“conversion funnels”).
Hotjar also gives us direct feedback from website visitors. This feature is used to improve our website.
Hotjar uses cookies. These are small text files that will be saved by your browser and stored on your computer. They help to make our website safer, more user-friendly and more efficient. In particular, these cookies allow us to determine whether our website has been visited by a specific device and whether the Hotjar features have been disabled for the browser in question. Hotjar cookies will remain on your device until you delete them.
You can change your browser settings so that you receive a notification whenever cookies are about to be stored on your device. You can configure your browser to only allow cookies in specific cases or to reject cookies – either in certain cases or in general – and you can allow cookies to be automatically deleted whenever you close your browser. If you disable cookies, however, you might not be able to use all features of this website.
We use Hotjar and store the relevant cookies on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in analysing user behaviour to optimise both our website and advertising.
Disabling Hotjar
If you would like to prevent Hotjar from collecting data, please click on the following link and follow the instructions there: https://www.hotjar.com/policies/do-not-track/.
Please note that Hotjar will have to be disabled separately for each browser and device.
For more information about Hotjar and the data it collects, please refer to Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy/.
Data processing agreement
We have entered into a data processing agreement with Hotjar to implement the strict European data protection regulations.
Google Analytics
This website uses features of Google Analytics. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Google Analytics uses “cookies”. These are text files that will be saved on your computer, enabling us to analyse your use of the website. The information generated by cookies on your use of this website will generally be transferred to a Google server in the USA and stored there.
We use Google Analytics and store the relevant cookies on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in analysing user behaviour to optimise both our website and advertising.
IP anonymisation
We have enabled IP anonymisation on this website. This means that Google will truncate your IP address within Member States of the European Union or the European Economic Area before transferring it to the USA. Your full IP address will only be transmitted to a Google server in the USA and truncated there in exceptional cases. Google will use this information on our behalf to analyse your use of the website, to compile reports on website activities, and to provide us – as the website operator – with other services related to the use of this website and the Internet. The IP address transmitted by your browser via Google Analytics will not be merged with any other Google data.
Browser plug-in
You can change your browser settings to prevent cookies from being stored; if you do this, however, you might not be able to use all features of our website. You can also stop the data generated by the cookie on your use of this website (incl. your IP address) from being transferred to Google for processing by downloading and installing the following browser add-on: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the link below. This will install an opt-out cookie to prevent your data from being collected when you visit our website in the future: Disable Google Analytics.
For more information on how your data will be used by Google Analytics, please refer to Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Processing by third parties
We have entered into a data processing agreement with Google and fully implement the stringent requirements of the German data protection authorities when using Google Analytics.
Google Analytics Demographics
This website uses the “Demographics” feature of Google Analytics. This means that reports can be created containing statements on the age, gender and interests of our website visitors. This data comes from Google’s targeted ads and visitor data from third-party providers. This data cannot be matched to any specific person. You can disable this feature at any time by changing your advertising settings in your Google account; you can also generally prevent Google Analytics from collecting your data as shown in the section “Objection to data collection”.
Retention period
All data stored by Google at user and event level in connection with cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymised or deleted after 14 months. You can find more details here: https://support.google.com/analytics/answer/7667196?hl=de.
Remarketing with Google Analytics
Our website uses Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
This feature enables audiences created with Google Analytics Remarketing to be linked to the cross-device functions of Google AdWords and Google DoubleClick. In this way, personalised ads that have been tailored to your interests based on your user behaviour and surfing habits on one device (e.g. mobile phone) can also be displayed to you on another device (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browser history to your Google account so that the same targeted ads can be displayed on each of your devices where you are logged in to your Google account.
To support this feature, Google Analytics collects Google-authenticated user IDs, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device advertising.
You can permanently opt out of cross-device remarketing / targeting by disabling personalised ads here: https://adssettings.google.com/.
The data collected will only be merged in your Google account with your consent, which you can give to Google and withdraw in accordance with point (a) of Art. 6 (1) GDPR. Any data that is not merged in your Google account (e.g. because you do not have a Google account or because you have opted out) will be collected on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in anonymously analysing our website visitors for advertising purposes.
You can find more information in Google’s privacy policy: https://policies.google.com/technologies/ads?hl=de.
Google AdSense
This website uses Google AdSense to integrate advertisements from Google Inc. (“Google”). This is a service provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Google AdSense uses “cookies”; these are text files that will be saved on your computer, enabling us to analyse your use of the website. Google AdSense also uses “web beacons” (invisible graphics). These web beacons may be used to evaluate certain information such as visitor traffic on this website. The information generated by cookies and web beacons on your use of this website (including your IP address) and the delivery of ad formats will be transferred to a Google server in the USA and stored there. Google may pass on this information to its affiliates. However, Google will not merge your IP address with any other data it holds on you. We use AdSense cookies on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in analysing user behaviour to optimise both our website and advertising. You can change your browser settings to prevent cookies from being stored; if you do this, however, you might not be able to use all features of our website. By using this website, you allow Google to process your data in the manner and for the purposes described above.
Google AdWords and conversion tracking
This website uses Google AdWords. This is an online advertising platform provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
We use a feature of Google AdWords known as “conversion tracking”. If you click on a Google Ad, a “conversion tracking cookie” will be installed. This is a small text file that your browser will store on your computer. It will expire after 30 days and will not be used to personally identify you. If you visit certain pages of this website and the cookie is yet to expire, both we and Google will be able to see that you have been redirected to the page after clicking on the ad.
Each Google AdWords customer is given a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information obtained using conversion cookies is used to prepare conversion statistics for AdWords customers who have chosen to use conversion tracking. However, AdWords customers only find out the total number of users who have been redirected to a page containing a conversion tracking tag after clicking on one of their ads. They will not receive any information that might be used to personally identify you. If you want to opt out of tracking, you can easily disable the Google conversion tracking cookie in your browser settings. You will then no longer be included in conversion tracking statistics.
We use this tracking tool and store conversion cookies on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in analysing user behaviour to optimise both our website and advertising.
You can find more information about Google AdWords and conversion tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
You can change your browser settings so that you receive a notification whenever cookies are about to be stored on your device. You can configure your browser to only allow cookies in specific cases or to reject cookies – either in certain cases or in general – and you can allow cookies to be automatically deleted whenever you close your browser. If you disable cookies, however, you might not be able to use all features of this website.
IONOS WebAnalytics
This website uses IONOS WebAnalytics (“IONOS”). This is a service provided by 1&1 IONOS SE (Elgendorfer Straße 57, D-56410 Montabaur). We use IONOS to analyse various aspects such as visitor numbers and behaviour (e.g. number of page views, duration of website visits, bounce rates), visitor sources (i.e. which websites visitors come from), visitor locations and technical data (browser and operating system versions). For this purpose, IONOS will store the following data in particular:
This data is stored and analysed on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in statistically analysing user behaviour to optimise both our website and advertising. If your consent is requested, the processing will be performed exclusively on the basis of point (a) of Art. 6 (1) GDPR; you may withdraw your consent at any time.
For more information about how IONOS WebAnalytics will collect and process your data, please refer to IONOS’ privacy policy:
https://www.ionos.de/terms-gtc/index.php?id=6
Processing by third parties
We have entered into a data processing agreement with IONOS to ensure that the provider handles your personal data in accordance with data protection law.
WordPress Stats
This website uses “WordPress Stats” to statistically evaluate user access. This is a tool provided by Automattic Inc. (60 29th Street #343, San Francisco, CA 94110-4929, USA).
WordPress Stats uses cookies, which will be saved on your computer, enabling us to analyse your use of the website. The information generated by cookies on your use of our website will be stored on servers in the USA. Your IP address will be anonymised after it is processed and before it is stored.
WordPress Stats cookies will remain on your device until you delete them. We use “WordPress Stats” and store the relevant cookies on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in analysing user behaviour in an anonymised format to optimise both our website and advertising.
You can change your browser settings so that you receive a notification whenever cookies are about to be stored on your device. You can configure your browser to only allow cookies in specific cases or to reject cookies – either in certain cases or in general – and you can allow cookies to be automatically deleted whenever you close your browser. If you disable cookies, however, you might not be able to use all features of our website.
You can object to your data being collected and used in the future by installing an opt-out cookie in your browser via the following link: https://www.quantcast.com/opt-out/.
If you ever delete all cookies from your computer, you will have to reinstall the opt-out cookie.
Facebook Pixel
Our website uses the Facebook Pixel to track conversions. This is a tool provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”).
Facebook Pixel enables us to track the behaviour of website visitors who have been redirected to our website after clicking on a Facebook ad. This allows us to evaluate the effectiveness of our Facebook ads for statistical purposes and market research, so that we can optimise our future advertising campaigns.
The data collected will remain anonymous to us; we will not be able to use any of this data to reveal your identity. As the data will be stored and processed by Facebook, however, it may be linked to your user profile and Facebook may use the data for its own advertising purposes in accordance with its privacy policy. As a result, Facebook will be able to show you ads both on Facebook pages and outside of Facebook. As the operator of this website, we have no control over such data usage.
We use Facebook Pixel on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring the effectiveness of our advertising campaigns, including on social media.
For more information on how you can safeguard your privacy, please refer to Facebook’s privacy policy: https://de-de.facebook.com/about/privacy/.
You can also disable the “Custom Audiences” remarketing feature in your ad settings: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.
If you do not have a Facebook account, you can disable Facebook’s targeted advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
If you would like to subscribe to the newsletter offered on our website, we will need you to provide an email address and further information so that we can check whether you are the owner of the email address and consent to receiving the newsletter. No further data will be collected, unless you provide it voluntarily. We will use this data exclusively for the purpose of sending the requested information and will not pass it on to third parties.
We will only ever process the data you enter in the newsletter subscription form with your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent to the storage of your data and email address – and the use of this data for the purpose of sending the newsletter – at any time, such as by clicking on the “unsubscribe” link in the newsletter. If you withdraw your consent, this will have no bearing on the lawfulness of any data processing performed up to that point.
We will store the data you provide for the purpose of subscribing to the newsletter until you unsubscribe from the newsletter; your data will then be deleted. This does not apply to any data that is also stored for other purposes.
Job applications
We offer you the chance to apply for a job with us (e.g. by email, by post or via the online application form). We would like to inform you about the personal data we will collect from you during the application process and why we will use it. We assure that your data will be collected, processed and used in accordance with the applicable data protection laws and all other legal provisions and that your data will be treated as strictly confidential.
Scope and purpose of data collection
If you send us an application, we will process the relevant personal data (e.g. contact details, communication data, application documents, notes made during job interviews), provided this is necessary for deciding whether to enter into an employment contract with you. The legal basis for this is Section 26 of the Federal Data Protection Act (BDSG) under German law (establishment of an employment relationship), point (b) of Art. 6 (1) GDPR (general initiation of a contract) and, if you give your consent, point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time. Your personal data will only be shared with the individuals within our organisation who are responsible for processing your application.
If your application is successful, the data you have submitted will be stored in our data processing systems for the purpose of performing the employment contract on the basis of Section 26 BDSG and point (b) of Art. 6 (1) GDPR.
Retention of data
If we are unable to offer you a job, if you reject a job offer, if you withdraw your application, if you withdraw your consent to data processing or if you ask us to delete your data, the data you have sent us (including any physical application documents) will be stored or retained for no longer than 6 months after the application process has ended (retention period) so that we can review the details of the application process if there are any disagreements between us (point (f) of Art. 6 (1) GDPR).
HOWEVER, YOU MAY OBJECT TO THE STORAGE OF YOUR DATA IF OUR INTERESTS ARE OUTWEIGHED BY YOUR OWN LEGITIMATE INTERESTS.
Your data will then be deleted at the end of the retention period, unless we are legally obliged to retain it or there is another legal reason for further storage. If it becomes apparent that your data will have to be stored even after the retention period has expired (e.g. due to an imminent or pending legal dispute), it will only be deleted when the data has become irrelevant. We reserve the right to comply with other statutory retention periods.
Amazon Associates Programme
We participate in the Amazon Associates Programme within the EU. This means that Amazon ads and links to amazon.de are integrated on our website, allowing us to earn money through 23/27 commission payments. For this purpose, Amazon uses cookies to trace referrals when orders are placed on its website. As a result, Amazon will be able to see that you have clicked on an affiliate link on our website. Amazon cookies are stored on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in calculating our affiliate commission, and this is only possible with cookies. For more information about how Amazon will use your data, please refer to its privacy policy: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401.
PayPal
We offer PayPal as a means of payment on our website. This is a payment service provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (“PayPal”).
If you choose to pay via PayPal, the payment details you enter will be sent to PayPal.
Your data will be sent to PayPal on the basis of point (a) of Art. 6 (1) GDPR (consent) and point (b) of Art. 6 (1) GDPR (processing necessary for the performance of a contract). You have the right to withdraw your consent to data processing at any time. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time.
Klarna
We offer Klarna as a means of payment on our website. This service is provided by Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (“Klarna”).
Klarna offers various payment options (e.g. instalments). If you choose to pay via Klarna (Klarna Checkout), Klarna will collect various types of personal data from you. You can find more details in Klarna’s privacy policy: https://www.klarna.com/de/datenschutz/.
Klarna uses cookies on the basis of point (f) of Art. 6 (1) GDPR; it has a legitimate interest in optimising the Klarna Checkout solution. Cookies are small text files that will be saved on your device and will not cause any harm. They will remain on your device until you delete them. You can find more details about Klarna’s cookies here: https://cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf.
Your data will be sent to Klarna on the basis of point (a) of Art. 6 (1) GDPR (consent) and point (b) of Art. 6 (1) GDPR (processing necessary for the performance of a contract). You have the right to withdraw your consent to data processing at any time. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time.
Sofortüberweisung
We offer “Sofortüberweisung” as a means of payment on our website. This is a payment service provided by Sofort GmbH, Theresienhöhe 12, D-80339 München (“Sofort GmbH”).
If you use “Sofortüberweisung” as a payment method, we will receive a payment confirmation from Sofort GmbH in real time and will be able to immediately start fulfilling our contractual obligations.
If you choose to pay via “Sofortüberweisung”, you will send your PIN and a valid TAN to Sofort GmbH so that it can log in to your online banking account. After logging in to your account, Sofort GmbH will automatically check your balance and transfer the money to us using the TAN you have provided. It will then send us a transaction confirmation right away. After logging in to your account, Sofort GmbH will also automatically check your past transactions, the credit limit of any overdraft facility you may have, whether you have any other accounts and, if so, how much money you have on them.
In addition to your PIN and TAN, the payment details you enter and various pieces of personal data will also be sent to Sofort GmbH. Your personal data will include your first and last name, address, telephone number(s), email address, IP address and any other data needed to process the payment. This data will have to be sent to Sofort GmbH to establish your identity beyond doubt and to prevent fraudulent activities.
Your data will be sent to Sofort GmbH on the basis of point (a) of Art. 6 (1) GDPR (consent) and point (b) of Art. 6 (1) GDPR (processing necessary for the performance of a contract). You have the right to withdraw your consent to data processing at any time. If you withdraw your consent, however, this will not affect the lawfulness of any data processing performed up to that point in time.
You can find more details about “Sofortüberweisung” here: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.
Paydirekt
We offer Paydirekt as a means of payment on our website. This is a payment service provided by Paydirekt GmbH, Hamburger Allee 26-28, 60486 Frankfurt am Main, Germany (“Paydirekt”).
If you make a payment via Paydirekt, various transaction details will be collected by Paydirekt and forwarded to the bank that you have registered with Paydirekt. In addition to the data required for the payment, Paydirekt may collect other data when performing the transaction (e.g. delivery address or individual items in your shopping cart).
Paydirekt will then authenticate the transaction using the relevant authentication process agreed with the bank. The amount to be paid will then be transferred from your bank account to ours. Neither we nor third parties will be able to access your account details.
You can find more details about Paydirekt in its general terms and conditions and privacy policy: https://www.paydirekt.de/agb/index.html.
Data processing by social networks
We have various public profiles on social networks. You can find each of the social networks we use further below.
Whenever you visit a social media website (e.g. Facebook or Google+) or a website with integrated social media content (e.g. “Like” buttons or advertising banners), the social media provider will usually be able to comprehensively analyse your user behaviour. If you visit any of our social media pages, numerous data processing operations will be triggered:
If you visit one of our social media pages while you are logged in to your account with the relevant social network, the operator of the social media portal will be able to see that you have visited our page via your user account. However, your personal data may also be recorded even if you are not logged in or if you do not have an account with the relevant social media provider. In such cases, your data may be collected by storing cookies on your device or by recording your IP address.
The operators of the social media portals will be able to use the data collected in this way to create user profiles containing your preferences and interests. As a result, they will be able to show you targeted advertising both on and outside of the relevant social media page. If you have an account with the social network, the operator will be able to display targeted advertising on all devices in which you are or have been logged in.
Please also note that we cannot keep track of all processing operations on social media portals. Depending on the provider, additional processing operations may also be carried out by the operators of the social media portals. You can find more details in each social media portal’s terms of use and privacy policy.
Legal basis
We operate our social media pages on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in ensuring the widest possible presence on the Internet. The analysis processes initiated by the social networks may have a different legal basis in each case, which must be specified by the social network operators (e.g. consent pursuant to point (a) of Art. 6 (1) GDPR).
Controller and exercise of rights
If you visit one of our social media pages (e.g. Facebook), we and the operator of the social media platform will be jointly responsible for the data processing operations triggered during your visit. You can exercise your rights (access, rectification, erasure, restriction of processing, data portability and complaint) either against us or against the operator of the relevant social media portal (e.g. Facebook).
Although we are jointly responsible alongside the social media portal operators, please note that we do not have full control over the data processing operations carried out by the social media portals. Our capabilities are largely based on each provider’s company policy.
Retention period
The data we collect on our social media pages will be deleted from our systems as soon as you request its deletion, as soon as you withdraw your consent to its storage or as soon as the purpose for which it was originally stored no longer applies. The cookies stored on your device will remain there until you delete them. We reserve the right to comply with mandatory legal provisions, particularly retention periods.
We have no control over the amount of time for which the social network operators will store your data for their own purposes. For more details on this, please refer to the information provided by the operators of the social networks (e.g. their privacy policy, see below).
Social networks in detail
We have a profile on Facebook. This is a service provided by Facebook Inc. (1 Hacker Way, Menlo Park, California 94025, USA). Facebook is certified under the EU-US Privacy Shield.
We have entered into an agreement on joint processing (Controller Addendum) with Facebook. This agreement defines which data processing operations we or Facebook will be responsible for when you visit our Facebook Page. You can view our agreement here: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
You can find more details in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
Facebook Insights – information for our Facebook Page users
As we operate a Facebook Page, Facebook Ireland Ltd (“Facebook”) provides us with a service known as “Facebook Insights” (“Insights”). This involves various statistics that provide us with information as to how our Facebook Page is used. You can find more detailed information about Facebook Insights and the relevant data processing here: https://www.facebook.com/business/a/page/page-insights and https://www.facebook.com/legal/terms/information_about_page_insights_data.
Facebook Insights may be based on personal data collected when people visit or interact with our Facebook Page and its content, which means that your personal data may be processed by Facebook if you visit our Facebook Page. The essential content of our agreement with Facebook pursuant to Art. 26 GDPR can be found here: https://www.facebook.com/legal/terms/page_controller_addendum
The joint controllers of our Facebook Page Insights are
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2, Ireland
https://www.facebook.com/help/contact/2061665240770586
https://www.facebook.com/help/contact/540977946302970
and
Hotel Dreyer -garni- Marco Dreyer
Salinenstraße 7
D-49214 Bad Rothenfelde
Tel.: +49 5424 21900
Fax: +49 5424 219029
Email: info@hotel-dreyer.de
As part of our relationship as joint controllers, Facebook Ireland primarily fulfils the following obligations:
Of course, you can also assert your rights against us.
In accordance with Art. 32 GDPR, Facebook Ireland takes appropriate technical and organisational measures to ensure the security of processing when using Facebook Insights.
For the legal basis and purposes of processing by Facebook Ireland, please refer to the following information: https://www.facebook.com/about/privacy/legal_bases and https://www.facebook.com/policy.php.
We process Facebook Insights data on the basis of point (f) of Art. 6 (1) GDPR; we have a legitimate interest in evaluating the activities on our Facebook Page and in carrying out marketing activities there (ads, campaigns, promotional posts).
More information: Privacy policy: Facebook Pages and Insights
You are not legally obliged to provide your personal data. However, you may have to provide your personal data to enter into a contract or to enable certain features of our Facebook Page. If you do not provide your personal data, you might not be able to enter into the contract or use the relevant features of our Facebook Page.
The rights of data subjects are stipulated in particular in Art. 15 to 23 GDPR, Art. 77 GDPR and Sections 32 to 37 BDSG.
You have the following rights in relation to your personal data:
You also have the right to object to the processing of your personal data in accordance with Art. 21 GDPR (see additional information further below).
If you have consented to the processing of your personal data, you may withdraw your consent at any time with future effect in accordance with Art. 7 GDPR.
If you have any enquiries, requests or messages, please contact Facebook Ireland or us (see above).
If you believe the processing of your personal data constitutes a violation of data protection law, you always have the right to lodge a complaint with the competent supervisory authority (see Art. 77 GDPR).
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority – particularly in the Member State of your habitual residence, place of work or place of the alleged infringement – if you believe that the processing of your personal data constitutes a violation of the General Data Protection Regulation. Facebook Ireland’s competent supervisory authority is the Irish Data Protection Commission (https://www.dataprotection.ie/). Our competent supervisory authority is the State Commissioner for Data Protection and Freedom of Information in North Rhine-Westphalia (Kavalleriestraße 2-4, D-40213 Düsseldorf).
INFORMATION ON YOUR RIGHT TO OBJECT PURSUANT TO ART. 21 GDPR
If you file an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or unless your data is being processed for the establishment, exercise or defence of legal claims.
If you object to processing for direct marketing, we will no longer process your personal data for such purposes.
You may file an informal objection.
Google+
We have a profile on Google+. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google is certified under the EU-US Privacy Shield.
You can adjust your advertising settings in your user account. To do this, click on the following link and log in: https://adssettings.google.com/authenticated.
You can find more details in Google’s privacy policy: https://policies.google.com/privacy.
We use Twitter. This is a microblogging service provided by Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA). Twitter is certified under the EU-US Privacy Shield.
You can adjust your Twitter privacy settings in your user account. To do this, click on the following link and log in: https://twitter.com/personalization.
You can find more details in Twitter’s privacy policy: https://twitter.com/de/privacy.
We have a profile on Instagram. This is a service provided by Instagram Inc. (1601 Willow Road, Menlo Park, CA, 94025, USA). For more information on how your personal data will be used, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.
We have a profile on Pinterest. This is a service provided by Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, USA (“Pinterest”). For more information on how your personal data will be used, please refer to Pinterest’s privacy policy: https://policy.pinterest.com/de/privacy-policy.
We have a profile on XING. This is a service provided by XING AG (Dammtorstraße 29-32, 20354 Hamburg, Germany). For more information on how your personal data will be used, please refer to XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.
We have a profile LinkedIn. This is a service provided by LinkedIn Ireland Unlimited Company (Wilton Plaza, Wilton Place, Dublin 2, Ireland). LinkedIn is certified under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
If you would like to disable LinkedIn advertising cookies, please click on the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
For more information on how your personal data will be used, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
Tumblr
We have a profile on Tumblr. This is a service provided by Tumblr, Inc. (35 East 21st St, 10th Floor, New York, NY 10010, USA). For more information on how your personal data will be used, please refer to Tumblr’s privacy policy: https://www.tumblr.com/privacy/de.
© All Rights Reserved 2022