Inquiry

Booking

Vouchers

a
overlay-image_temp

Alpenrose Bayrischzell

Welcome to Friends

Welcome to our Alpenrose hotel in Bayrischzell, the picturesque mountain village at the foot of the Wendelstein mountain. Located right next to the train station in the village center, our hotel is the ideal base for a wide variety of outdoor activities in the Tegernsee-Schliersee Alpine region all year round. We look forward to your visit.

Our rooms at a glance

Home

Booking

All Rooms

Single Rooms

Single Room

Double Rooms

Cozy Double Room
Standard Double Room
Superior Double Room

Multi-Bed Rooms

Multi-Bed Room
Family Room

Suites

Wendelstein Room

Meetings & Events

Restaurant

Relaxation

Gallery

About Us

The Alpenrose
Employer
Our New Building
History

Offers

Activities

All Activities
Mountain Biking
Hiking & Mountains
Lakes & Baths
Excursions

Contact

Vouchers

Imprint

Data Protection

Alpenrose Bayrischzell

Data protection

Privacy policy

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. You can find detailed information on data protection in our privacy policy listed under this text.

Data collection on this website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the section “Notice regarding the responsible party” in this privacy policy.

How do we collect your data?

Your data is collected when you provide it to us. This could be data that you enter in a contact form, for example.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders or other order requests.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. In addition, you have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the responsible supervisory authority.

You can contact us at any time with regard to this and other questions on the subject of data protection.

Analysis tools and third-party tools

When you visit this website, your surfing behavior can be statistically evaluated. This is mainly done with so-called analysis programs.

You can find detailed information on these analysis programs in the following privacy policy.

 

  1. Hosting

The contents of our website are hosted externally by the hosting provider Strato (see https://www.strato.de/).

External hosting

The personal data collected on this website is stored on the host’s servers. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

The external hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). If appropriate consent has been obtained, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Our host(s) will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions with regard to this data.

We use the following host(s):

STRATO GmbH
Otto-Ostrowski-Straße 7
10249 Berlin

 

Order processing

We have concluded a contract data processing agreement (DPA) with the above-mentioned service. This is a contract required under data protection law which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

 

  1. General information and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Notice regarding the responsible party

The responsible party for data processing on this website is:

Bergspitz Betriebs GmbH
Alpenrose Bayrischzell
Schlierseer Straße 6
83735 Bayrischzell

Telephone: +49 8023 819306
Fax: +49 8023 819307
info@bayrischzell-alpenrose.de

 

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Storage period and deletion

Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted, provided that we have no other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons no longer apply.

 

General information on the legal basis for data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, if special categories of data are processed according to Art. 9 para. 1 GDPR. In the case of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR.

If you have consented to the storage of cookies or access to information in your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of § 25 para. 1 TDDDG. Consent can be revoked at any time. If your data is required for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR.

Furthermore, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this privacy policy.

Data protection officer

Responsible for the processing of data on this page within the meaning of the EU General Data Protection Regulation (GDPR) is

Bergspitz Betriebs GmbH
Alpenrose Bayrischzell
Schlierseer Straße 6
83735 Bayrischzell

Telephone: +49 8023 819306
Fax: +49 8023 819307
E-mail: datenschutz@bergspitz.de

 

Recipients of personal data

In the course of our business activities, we work with various external bodies. In some cases, it is also necessary to transfer personal data to these external bodies. We only pass on personal data to external bodies if this is necessary within the scope of fulfilling a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in passing on the data pursuant to Art. 6 para. 1 lit. f GDPR or if another legal basis permits the data to be passed on. When using processors, we only pass on the personal data of our customers on the basis of a valid contract for processing. In the event of joint processing, a contract for joint processing is concluded.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation. This also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy.

If you object, we will no longer process your personal data concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of asserting, exercising or defending legal claims (objection pursuant to Art. 21 para. 1 GDPR).

If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising. This also applies to profiling insofar as it is connected with such direct advertising.

If you object, your personal data will subsequently no longer be used for the purpose of direct advertising (objection pursuant to Art. 21 para. 2 GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction or deletion of this data. You can contact us at any time with regard to this and other questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have lodged an objection pursuant to Art. 21 para. 1 GDPR, a balance must be struck between your interests and our interests. As long as it has not yet been determined whose interests outweigh the other, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Objection to advertising e-mails

The use of contact data published within the scope of the imprint obligation for the transmission of advertising and information material not expressly requested is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

 

  1. Data collection on this website

Cookies

Our website uses so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

Cookies can come from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited.

You can find out which cookies and services are used on this website in this privacy policy.

Cookiebot
The data controller has integrated components of Cookiebot in the form of a cookie banner on this website. Cookiebot is software from the Danish company Cybot. Cookiebot automatically creates a data protection-compliant cookie banner for website visitors. This is done with the help of a check of all cookies and tracking measures of a website. With the help of Cookiebot, companies can avoid data protection violations and create more transparency for website visitors. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. F GDPR.

The operating company is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.

When using Cookiebot, personal data such as your IP address (in anonymized form by setting the last three digits to 0), date and time of your consent, website URL, browser data, encrypted and anonymized key, as well as cookies that you have allowed, are processed.

According to Cybot’s privacy policy, Cybot does not sell personal data. However, your personal data will be passed on to trusted third parties or subcontractors. Data will also be passed on if this is legally necessary.

Your personal data will be deleted no later than twelve months after you have given your consent or immediately after the Cookiebot service has been terminated.

If you would like to withdraw your consent, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked for your cookie consent again.

If you agree to the cookies, your personal data will be processed and stored with the help of these cookies. Your consent in accordance with Art. 6 Para. 1 lit. A GDPR also represents the legal basis for the use of cookies or the processing of your data.

Without appropriate processing of your data, the functionality of the website cannot be guaranteed.

The applicable data protection regulations of Cookiebot can be found at https://www.cookiebot.com/de/privacy-policy/?coupon=DEC22WEB.

Legal basis

The use of the cookie consent management tool is to fulfill our legal obligation in accordance with Art. 6 Para. 1 lit. c GDPR.
The processing of the selected cookie preferences is also based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR.

Storage period

The consent data is stored until you ask us to delete it, you revoke your consent yourself, or the purpose for data storage no longer applies. The cookie preferences are stored for 12 months, unless otherwise required by law.

Withdrawal of consent

You can adjust or revoke your cookie settings at any time via the corresponding link “Change cookie settings” on our website. The cookie plugin will then automatically update the saved consents.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

 

  1. Analysis tools

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, length of stay, operating systems used and origin of the user. This data is assigned to the respective end device of the user. It is not assigned to a user ID.

Furthermore, we can use Google Analytics to record your mouse and scrolling movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the recorded data sets and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TDDDG. Consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company has a certification according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

 

Google Tag Manager

The data controller has integrated components of Google Tag Manager on this website. Google Tag Manager makes it possible to integrate tracking with just a single change to the source code.

The operating company for Google Tag Manager is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Google Tag Manager itself does not process any personal data. The tool is only used to manage other tags. The data collected by these tags depends on the services that are integrated by Google Tag Manager (e.g. Google Analytics). Details on this can be found in the data protection regulations of the respective services used.
Google Tag Manager is used to efficiently manage tags on a website. It enables the integration and updating of tags and tracking codes to improve analyses, reports and other marketing functions.
Since Google Tag Manager itself does not collect, store or pass on any data, no personal data is passed on directly by Google Tag Manager. Personal data is processed exclusively by the integrated tags. However, Google may collect aggregated data about the use of Tag Manager in order to improve the functionality and efficiency of the tool.
Google implements technical and organizational measures to ensure the security and confidentiality of data when using Google Tag Manager and the associated services.

Further information and the applicable data protection regulations of Google can be found at www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html.

Google Maps

Our website uses the Google Maps map service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The integration is for the appealing presentation of geographical information and to make it easier to find our locations.

When you access pages with an embedded Google Maps map, information about your use of our website (e.g. your IP address) is transmitted to Google servers and stored there. This may also include a data transfer to the servers of Google LLC in the USA. We have no influence on this data transfer.

Google processes your data in accordance with the Google data protection declaration and may use it for its own purposes, e.g. to create profiles or pass it on to third parties.

If you do not want Google to collect data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, the map display may be restricted.

The use of this service is based on processing in accordance with Art. 6 Para. 1 lit. f GDPR, the legitimate interest in the presentation of our online offer and in the easy findability of the places specified by us on the website.

Google processes your data in accordance with the Google data protection declaration (Data protection declaration – Data protection declaration & terms of use – Google ) and may use it for its own purposes such as profiling or passing it on to third parties. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

If corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and Section 25 Para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device within the meaning of the TDDDG. Consent can be revoked at any time.

The company has a certification according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymization

Google Analytics IP anonymization is activated. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

More information on how Google Analytics handles user data can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded a contract with Google for order processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

 

  1. Newsletter

Newsletter data

If you would like to subscribe to the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or only on a voluntary basis. We use newsletter service providers for the processing of newsletters, which are described below.

 

CleverReach (https://www.cleverreach.com/de-de/)

This website uses the services of CleverReach for sending newsletters. The provider is CleverReach GmbH & Co. KG //CRASH Building, Schafjückenweg 2 in 26180 Rastede, Germany.

CleverReach is a service with which, among other things, the sending of newsletters can be organized and analyzed. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this data is stored on CleverReach’s servers in Germany.

With the help of CleverReach, we can analyze our newsletter campaigns. When you open an e-mail sent with CleverReach, a file contained in the e-mail connects to CleverReach’s servers in Germany. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.

If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. We provide a corresponding link for this purpose in every newsletter message.

The data is processed on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The lawfulness of the data processing operations that have already taken place remains unaffected by the revocation.

The data that you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored in a blacklist by us or the newsletter service provider if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

For more information, please refer to Cleverreach’s privacy policy at: CleverReach’s privacy policy.

Order processing

We have concluded a contract for order processing (AVV) for the use of the aforementioned service. This is a contract required under data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

 

  1. Plugins and Tools

Google Fonts (local hosting)

This site uses Google Fonts, provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google’s servers does not take place.

For more information about Google Fonts, see https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Google reCAPTCHA v3

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to check whether the data input on this website (e.g. in a contact form) is done by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor using various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM. If a corresponding consent has been obtained, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

The company has a certification according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Facebook
The controller has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is a social meeting place operated on the Internet, an online community that usually enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the Internet community to provide personal or company-related information. Facebook allows users of the social network to create private profiles, upload photos and network via friend requests.

The operating company of Facebook is Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for the processing of personal data is, if a data subject lives outside the USA or Canada, Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

Each time one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, is called up, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to Facebook at the same time, Facebook recognizes with each visit to our website by the data subject and during the entire duration of the respective stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the “Like” button, or makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of this information to Facebook is not wanted by the data subject, he or she can prevent the transmission by logging out of his or her Facebook account before calling up our website.

The data policy published by Facebook, which is available at de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

Instagram
The controller has integrated components of the Instagram service on this website. Instagram is a service that can be described as an audiovisual platform that allows users to share photos and videos and also to redistribute such data in other social networks.

The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Each time one of the individual pages of this website, which is operated by the controller and on which an Instagram component (Insta button) has been integrated, is called up, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Instagram component to download a representation of the corresponding component from Instagram. As part of this technical process, Instagram receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to Instagram at the same time, Instagram recognizes with each visit to our website by the data subject and during the entire duration of the respective stay on our website, which specific subpage the data subject visits. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the data subject. If the data subject clicks on one of the Instagram buttons integrated on our website, the data and information transmitted with it are assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.

Instagram always receives information via the Instagram component that the data subject has visited our website if the data subject is logged in to Instagram at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Instagram component or not. If such a transmission of this information to Instagram is not wanted by the data subject, he or she can prevent the transmission by logging out of his or her Instagram account before calling up our website.

Further information and the applicable data protection provisions of Instagram can be found at help.instagram.com/155833707900388 and www.instagram.com/about/legal/privacy/.

Facebook Pixel
The controller has integrated components of the company Facebook Pixel from Facebook on this website. The Facebook pixel is a snippet of JavaScript code that loads a collection of functions that allow Facebook to track your user actions if you have come to the user’s website via Facebook ads.

The operating company of Facebook Pixel is Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller for the processing of personal data is, if a data subject lives outside the USA or Canada, Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

Each time one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, is called up, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to Facebook at the same time, Facebook recognizes with each visit to our website by the data subject and during the entire duration of the respective stay on our website, which specific subpage of our website the data subject visits. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the “Like” button, or makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of this information to Facebook is not wanted by the data subject, he or she can prevent the transmission by logging out of his or her Facebook account before calling up our website.

With the help of Facebook pixels, the advertising measures of users can be better tailored to their wishes and interests. In this way, Facebook users (if they have allowed personalized advertising) get to see relevant advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

The data policy published by Facebook, which is available at de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what setting options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

Further information regarding the data protection regulations of Facebook Pixel can be found at de-de.facebook.com/business/gdpr.

Google-Ads
The controller has integrated Google Ads on this website. Google Ads is an internet advertising service that allows advertisers to place ads both in Google’s search engine results and in the Google advertising network. Google Ads enables an advertiser to predefine specific keywords by means of which an ad is only displayed in Google’s search engine results when the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the ads are distributed to thematically relevant websites by means of an automatic algorithm and in compliance with the previously defined keywords.

The operating company of the Google Ads services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google Ads is to promote our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine and by displaying third-party advertising on our website.

If a data subject reaches our website via a Google ad, Google stores a so-called conversion cookie on the information technology system of the data subject. What cookies are has already been explained above. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages, such as the shopping cart of an online shop system, have been accessed on our website. The conversion cookie enables both us and Google to track whether a data subject who has reached our website via an Ads ad has generated sales, i.e. has completed or cancelled a purchase of goods.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who have been referred to us via Ads ads, i.e. to determine the success or failure of the respective Ads ad and to optimize our Ads ads for the future. Neither our company nor other Google Ads advertisers receive information from Google that could be used to identify the data subject.

By means of the conversion cookie, personal information, such as the Internet pages visited by the data subject, is stored. Each time you visit our website, personal data, including the IP address of the Internet connection used by the data subject, is therefore transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.

In addition, this website uses the remarketing function within the Google Ads service. Google Ads Remarketing enables users of this website to be shown interest-based advertising on other websites within the Google advertising network. For this purpose, the interaction of the user with this website is analyzed, e.g. which offers the user was interested in, in order to be able to display targeted advertising to the user even after visiting our website.

For this purpose, Google stores a cookie in the user’s browser, which records certain visits to websites. This cookie is used for the unique identification of a web browser on a specific end device and not for the identification of a person. The storage is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG, provided that this has been granted via our cookie banner. The consent can be revoked at any time.

The data subject can prevent the setting of cookies by our website at any time, as described above, by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the data subject. In addition, a cookie already set by Google Ads can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the option of objecting to interest-based advertising by Google. To do this, the data subject must call up the link www.google.de/settings/ads from each of the Internet browsers they use and make the desired settings there.

Further information and Google’s current privacy policy can be found at www.google.de/intl/de/policies/privacy/.

Google Analytics
The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and evaluation of data about the behavior of visitors to websites. A web analytics service collects, among other things, data on which website a data subject has come to a website from (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. Web analytics is mainly used to optimize a website and for cost-benefit analysis of online advertising.

The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addition, the IP address of the internet connection of the person concerned is shortened and anonymized by Google if access to our websites is from a member state of the European Union or from another contracting state of the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze the flow of visitors on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our websites, and to provide other services related to the use of our website.

Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. Through each call to one of the individual pages of this website, which is operated by the controller and on which a Google Analytics component has been integrated, the internet browser on the information technology system of the person concerned is automatically caused by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google gains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission statements.

By means of the cookie, personal information, such as the access time, the location from which an access originated and the frequency of visits to our website by the data subject, is stored. Each time you visit our website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share such personal data collected through the technical process with third parties.

The data subject can prevent the setting of cookies by our website, as already described above, at any time by means of a corresponding setting of the internet browser used and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs.

Furthermore, the data subject has the possibility to object to and prevent the collection of data generated by Google Analytics, which relates to the use of this website, as well as the processing of this data by Google. To do this, the data subject must download and install a browser add-on at the link tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection. If the information technology system of the data subject is deleted, formatted or reinstalled at a later time, the data subject must reinstall the browser add-on in order to disable Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person attributable to their sphere of power, there is the possibility of reinstalling or reactivating the browser add-on.

Further information and Google’s current privacy policy can be found at www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link www.google.com/intl/de_de/analytics/.

Google Tag Manager
The controller has integrated components of Google Tag Manager on this website. The Google Tag Manager makes it possible to integrate tracking with just a single change to the source code.

The operating company for Google Tag Manager is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The Google Tag Manager itself does not process any personal data. The tool is only used to manage other tags. The data collected by these tags depends on the services that are integrated by the Google Tag Manager (e.g. Google Analytics). Details on this can be found in the privacy policies of the respective services used.
The Google Tag Manager is used to efficiently manage tags on a website. It enables the integration and updating of tags and tracking codes to improve analysis, reporting and other marketing functions.
Since the Google Tag Manager itself does not collect, store or pass on any data, no personal data is directly passed on by the Google Tag Manager. The processing of personal data is carried out exclusively by the integrated tags. However, Google may collect aggregated data about the use of the Tag Manager to improve the functionality and efficiency of the tool.
Google implements technical and organizational measures to ensure the security and confidentiality of data when using the Google Tag Manager and the associated services.

Further information and Google’s current privacy policy can be found at www.google.de/intl/de/policies/privacy/ and at www.google.com/analytics/terms/de.html.

Google Fonts
The controller has integrated components of Google Fonts on this website. Google Fonts is a font provisioning service provided by Google that allows fonts to be integrated directly into a website via Google’s servers.

The operating company of Google Fonts is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit this website, your browser loads the required fonts directly from Google’s servers to display texts and fonts correctly. Your IP address is transmitted to Google, as the fonts cannot be displayed in the browser without it. According to Google, no cookies are set. The use of Google Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested (e.g. via a cookie banner), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

If your browser does not support Google Fonts, a standard font from your computer will be used. Further information about Google Fonts can be found at https://fonts.google.com/ and in Google’s privacy policy: https://policies.google.com/privacy

Google Maps
The controller has integrated Google Maps on this website. Google Maps is a map service from Google that makes it possible to visually display geographic information and provide interactive map functions. The purpose of Google Maps is to provide interactive maps that help users find locations, plan routes, and explore geographic information.

Google Maps is operated by Google LLC, located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For users within the EU, the service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When using Google Maps, the following data is collected and processed:

Google Maps processes this data to display maps, represent locations, and offer personalized recommendations or functions such as route planning. The data can also be used to improve Google’s services or for marketing purposes.

Personal data may be stored in the USA and other countries. Google may share this data with third-party providers if this is necessary to provide the services or to meet legal requirements.

Google implements extensive technical and organizational measures to ensure the security of the data, including encryption during transmission and at rest, as well as access restrictions.

Further information and Google’s complete privacy policy can be found at https://policies.google.com/privacy?hl=de.

Google My Business
The controller uses functions of the Google My Business service on this website. Google My Business is an online business directory of Google LLC that enables companies to present their presence in Google Search and Google Maps and to interact with users.

Google My Business can display information such as location, opening hours, contact options, reviews and posts from the company. In addition, users have the option of leaving reviews or asking questions directly via the Google profile. By linking or integrating Google My Business content on this website (e.g. via map views, reviews or post previews), data may be transferred to Google.

The operating company of Google My Business is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is responsible for users residing in the European Economic Area.

When a page with embedded Google My Business content is accessed – e.g. a Google Maps map or a review display – the internet browser of the person concerned is automatically prompted to establish a connection to Google’s servers. In particular, the IP address, location data, browser information and interactions with the embedded elements can be transmitted.

If the person concerned is logged into a Google account, this information can be assigned to their personal Google profile. Such an assignment can be prevented by the person concerned logging out of their Google account before using our website.

Google’s current privacy policy can be found at https://policies.google.com/privacy.

YouTube
The controller has integrated components of YouTube on this website. YouTube is an internet video portal that allows video publishers to post video clips for free and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all types of videos, which is why complete film and television broadcasts, but also music videos, trailers or videos made by users themselves can be accessed via the internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Through each call to one of the individual pages of this website, which is operated by the controller and on which a YouTube component (YouTube video) has been integrated, the internet browser on the information technology system of the person concerned is automatically caused by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information about YouTube can be found at www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google gain knowledge of which specific subpage of our website is visited by the person concerned.

If the person concerned is logged into YouTube at the same time, YouTube recognizes with the call of a subpage that contains a YouTube video, which specific subpage of our website the person concerned visits. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

YouTube and Google always receive information about the fact that the person concerned has visited our website via the YouTube component if the person concerned is logged into YouTube at the same time as calling up our website; this takes place regardless of whether the person concerned clicks on a YouTube video or not. If such a transmission of this information to YouTube and Google is not wanted by the person concerned, they can prevent the transmission by logging out of their YouTube account before calling up our website.

The privacy policy published by YouTube, which is available at www.google.de/intl/de/policies/privacy/, provides information about the collection, processing and use of personal data by YouTube and Google.

Onepage
The controller has integrated components of Onepage on this website.

The operating company of Onepage is ONEPAGE GmbH, Helmholtzstraße, 2-9, 10587 Berlin.

When users use this website, various personal data can be collected. When this website is accessed, information is automatically sent to the server of this website by the browser used on the user’s device. This information is temporarily stored in a so-called log file.

The information collected includes, among other things, the IP address of the requesting computer, date and time of access, name and URL of the file called up and the browser used. The data is stored to ensure a smooth connection to the website, to ensure convenient use of the website, to evaluate system security and stability and for other administrative purposes.

Onepage uses cookies on the website.

The applicable data protection regulations in detail can be found at onepage.io/de/datenschutzerklarung.

Brevo
The controller has integrated components of Brevo on this website. Brevo is a SaaS solution for relationship marketing. Software as a Service (SaaS) is a subset of cloud computing. The SaaS model is based on the principle that the software and the IT infrastructure are operated by an external IT service provider and used by the customer as a service. Brevo’s goal is to offer its customers easy-to-use, high-performance and legally compliant email marketing software.

The operating company of Brevo is Brevo GmbH, located at Köpenicker Str. 126, 10179 Berlin.

As part of its activities and for the purpose of providing the services, Brevo collects and processes personal data of its users. Brevo collects user data in order to provide them with the services for which they have registered on the platform. The indication of whether the information provided is mandatory or voluntary (in order to complete the user’s registration and provide them with the Brevo services) is given during data collection with the help of an asterisk. In addition, certain data is automatically collected through the user’s actions on the website. The personal data collected by Brevo on the occasion of the provision of the services is required for the fulfillment of the contracts concluded with the user or is required so that Brevo can pursue its legitimate interests in compliance with the rights of the user.

Brevo processes the data, in particular, for the commercial and accounting processing of the contract, for the administration of activation and marketing campaigns, and to improve the course of the user’s visit to the website. The personal data collected is intended for Brevo’s sales department, accounting department, and customer service. It may be transferred to Brevo’s subsidiaries or to processors that Brevo may engage in connection with the provision of its services. Brevo may archive the data under the conditions provided for in the Regulation in order to comply with its legal obligations or to have the necessary elements to assert its rights.

In accordance with the Regulation, the user has the right to access and correct their personal data, so that information that is inaccurate, incomplete, misleading or outdated and whose collection or use, disclosure or storage is prohibited, is corrected, completed, clarified, updated or deleted.

The user also has the right to request the restriction of processing and to object to the processing of their personal data for legitimate reasons. The user may also leave instructions as to what should happen to their personal data in the event of death.

Where applicable, the user may request the transfer of their data or, if the processing requires their consent, withdraw their consent at any time.

Brevo uses cookies.

Brevo’s applicable data protection provisions can be found at https://www.brevo.com/de/legal/privacypolicy/.

Make
The controller has integrated components from Make on this website. Make is a cloud-based automation platform that enables various web applications and services to be linked together via so-called scenarios. Automated data flows can be created in which personal data – such as name, email address or usage data – is transferred and processed between the connected services.

The operating company of Make is Celonis, Inc., One World Trade Center, 87th Floor, New York, NY, 10007, USA.

When using the tool, personal data such as name, email address and, if applicable, other relevant information is requested. In addition, Make collects information about the use of the platform and the projects created. When you use the tool, your details from the Make form, including the data you provide there, will be stored on this website and at Make for the purpose of processing the request and in the event of follow-up questions. The data of Make users and customers is stored in the data centers of the respective provider. This data remains on this website and at Make until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after termination of use). All connections from the browser to the Make platform are encrypted during transmission using advanced encryption techniques. All data is encrypted at rest. The passwords of Make users are stored as encrypted password hashes. The data entered is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR).

Further information and Make’s applicable data protection provisions can be found at www.make.com/en/privacy-notice.

Zapier
The controller has integrated components from Zapier on this website. Zapier is used to integrate different databases and tools.

The operating company is Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA.

Customer data, with the exception of payment data, can be transmitted. Zapier collects user information. This includes information provided by the user, such as name, email address and address. In addition, Zapier automatically collects user information when a new account is created, such as payment information. Zapier receives information about users from other sources such as third-party service providers, public databases and our business and sales partners. This information may include business contact information, address, job title, email address and telephone number. Zapier may combine this information with information collected in other ways. Zapier collects user information in order to improve its own service, answer user inquiries and protect the integrity or security of the company, the website, the services or third-party applications. The data may also be used to fulfill obligations, enforce rights, comply with a legal obligation (including assisting customers in fulfilling their legal obligations), where necessary for legitimate interests, or to fulfill another purpose for which you provided the data. Information that Zapier collects from the website is transferred to and processed in the United States and any other country in which Zapier or its affiliates, subsidiaries or third-party service providers maintain facilities or personnel. Zapier takes reasonable steps to protect users’ personal data from loss, misuse and unauthorized access, disclosure, alteration or destruction, taking into account the risks associated with processing and the nature of the personal data. However, no application, internet or email transmission is ever completely secure or error-free and Zapier does not guarantee the security of personal data.

Further information and the applicable data protection provisions can be found at zapier.com/help/account/data-management/data-privacy-at-zapier.
Sleeknote
The controller has integrated components from Sleeknote on this website. Sleeknote is a cloud-based tool for creating pop-ups, forms and onsite campaigns for lead generation and optimization of user interaction.

The operating company of Sleeknote is Sleeknote ApS, Jens Baggesens Vej 90A, 8200 Aarhus, Denmark.

When using Sleeknote, personal data may be processed, in particular when users enter information into a form (e.g. name, email address). In addition, Sleeknote collects technical data and usage information such as IP address (possibly anonymized), device type, browser and interactions with the displayed elements. The data processing serves the display, analysis and optimization of the campaigns.

Depending on the type of data, processing is based on your consent (Art. 6 para. 1 lit. a GDPR) or on legitimate interests (Art. 6 para. 1 lit. f GDPR). Sleeknote uses cookies and similar technologies to evaluate user behavior.

The data is stored on servers of Sleeknote or contracted service providers and remains there until the purpose no longer applies, you revoke your consent or request deletion. A transfer to affiliated companies or to third countries can take place, whereby Sleeknote guarantees compliance with the GDPR.

Users have the legal rights to information, correction, deletion, restriction, data portability and revocation.

Further information can be found at: https://sleeknote.com/privacy-policy

UTM parameters
The controller uses so-called UTM parameters on this website to analyze and evaluate the origin of website visitors. UTM parameters (“Urchin Tracking Module”) are text components that are attached to URLs in order to better understand the success of online marketing campaigns and the path of users to a specific page.

A UTM parameter is additional information in the URL, such as “utm_source”, “utm_medium”, “utm_campaign” or “utm_term”. These parameters provide information about which channel (e.g. newsletter, social networks or paid advertisements) a user has used to access our website. They are evaluated as part of analysis tools in order to measure the success of certain measures and to optimize the offer accordingly.

The UTM parameters themselves do not contain any personal data, but – especially in connection with other tracking technologies such as cookies or IP addresses – can indirectly contribute to the creation of user profiles. The evaluation is usually pseudonymized.

The collection and processing of UTM parameters is carried out exclusively for statistical purposes and to improve our online communication. The data is not used to identify individual persons, unless there is explicit consent or a corresponding link is technically necessary and permissible under data protection law.

The applicable data protection provisions of the respective web analysis or tracking service used (e.g. Google Analytics) additionally regulate the handling of the transmitted parameters.

 

  1. eCommerce and payment providers

Processing of customer and contract data

We collect, process and use personal customer and contract data for the establishment, content design and amendment of our contractual relationships. We collect, process and use personal data on the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

The customer data collected will be deleted after completion of the order or termination of the business relationship and after expiry of any statutory retention periods. Statutory retention periods remain unaffected.

For the execution of bookings, the booking portal DIRS21, a web-based booking and channel management system of the company TourOnline AG, Borsigstraße 26, 73249 Wernau, Germany (www.dirs21.de, hereinafter “TOAG”) is used (for more information see https://www.dirs21.de/). Within the scope of the OBT, TOAG processes the data as the responsible party. The information and provisions on data protection can be found in the data protection declaration of TOAG for the OBT, which you can call up at any time from the OBT or view at https://www.dirs21.de/datenschutz.