Sonnenaufgang

Data Protection

With this data protection declaration we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data are all data that are personally related to you, e.g. B. Name, address, email address or your user behavior. The data protection declaration applies to all data processing operations carried out by us, both as part of our core activity and for the online media we maintain.

Who is responsible for data processing at our company:

Holiday apartment at the anchor
Andrea Kruger
Lohhof 11
31600 Uchte
Germany
+49 5763 3582
ferienwohnung-am-anker@web.de
https://www.ferienwohnung-am-anker.de/impressum

 

Processing of your data as part of the core activity of our company

If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual relationships that exist between us. In this sense, the data processed by us includes all those data that are or have been provided by you for the purpose of using the contractual or pre-contractual services and that are required to process your request or the contract concluded between us. Unless otherwise stated in the further information in this data protection declaration, the processing of your data and its transfer to third parties is limited to the data required to answer your inquiries and / or to fulfill the contract concluded between you and us, to safeguard our rights and are necessary and appropriate for the fulfillment of legal obligations. We will inform you of the data required for this before or as part of the data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

 

Affected data:

  • Inventory data (e.g. names, addresses)

  • Payment data (e.g. bank details, invoices)

  • Contact details (e.g. email address, telephone number, postal address)

  • Contract data (e.g. subject of the contract, duration of the contract)


Affected people:  Interested parties, business and contractual partners

Purpose of processing : Processing of contractual services, communication and answering contact inquiries, office and organizational procedures

Legal basis : Contract fulfillment and pre-contractual inquiries, Art. 6 Paragraph 1 lit. b GDPR, legal obligation, Art. 6 Paragraph 1 lit. c GDPR, legitimate interest, Art. 6 Paragraph 1 lit. f GDPR

 

Your rights under the GDPR

According to the GDPR, you have the following rights, which you can assert at any time from the person responsible named in Section 1 of this data protection declaration:

  • Right to information:  You have the right to request information from us about whether and which data we process from you.

  • Right to rectification:  You have the right to request the correction of incorrect data or the completion of incomplete data.

  • Right to deletion : You have the right to request the deletion of your data.

  • Right to restriction:  In certain cases you have the right to request that we only process your data to a limited extent.

  • Right to data portability:  You have the right to request that we transmit your data to you or another person in charge in a structured, common and machine-readable format.

  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. The supervisory authority of your usual place of residence, your place of work or our company headquarters is responsible.

Right of withdrawal

You have the right to revoke your consent to data processing at any time.

 

Right to object

You have the right to object at any time to the processing of your data, which we base on our legitimate interest in accordance with Article 6 (1) (f) GDPR. If you make use of your right of objection, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that there are compelling legitimate reasons for data processing that outweigh your interests and rights.

Regardless of the above, you have the right to object to the processing of your personal data for advertising and data analysis purposes at any time.

Please send your objection to the contact address given above for the person responsible.

 

 

When do we delete your data?

We delete your data when we no longer need it or when you tell us to. This means that - unless otherwise stated in the individual data protection information in this data protection declaration - we will delete your data,

  • if the purpose of the data processing has ceased to exist and the respective legal basis stated in the individual data protection information no longer exists, e.g.

    • after the termination of the contractual or membership relationships existing between us (Art. 6 Para. 1 lit. a GDPR) or

    • after the loss of our legitimate interest in further processing or storage of your data (Art. 6 Para. 1 lit.f GDPR),

  • if you make use of your right of withdrawal and no other legal basis for processing within the meaning of Art. 6 Para. 1 lit.bf GDPR applies,

  • if you make use of your right of objection and there are no compelling legitimate reasons preventing the deletion.

However, if we (certain parts) of your data still have to keep it for other purposes, for example because of tax retention periods (usually 6 years for business correspondence or 10 years for accounting documents) or the assertion, exercise or defense of legal claims arising from contractual agreements If relationships (up to four years) are required or the data is used to protect the rights of another natural or legal person, we will only delete (part of) your data after these deadlines have expired. However, until these deadlines have expired, we limit the processing of this data to these purposes (fulfillment of the storage obligations).

 

Cloud services

We use cloud services in particular

  • for storing and processing documents,

  • to send documents by e-mail or to exchange files of any kind,

  • for our calendar appointment management,

  • to prepare and execute presentations and spreadsheets,

  • to publish files of any kind,

  • for internal and external communication using chats, audio and video conferences.

The software applications that we use for these purposes are made available to us by the provider (s) named below on their servers. We access these servers via the Internet. Insofar as you transmit your data to us in the context of communication with us or in other processes explained by us using this data protection declaration, we will process this data in the cloud service we use. This means that your data is stored on the servers of the third-party cloud service provider. The third-party providers process usage and metadata to secure their servers and optimize their services. In particular, we process and save your contact, customer and contract data.

If we use the cloud service we use to make files of any kind publicly available via our Internet presence, the respective third party provider of the cloud service can store cookies on your computer system, provided you access these files. The service provider can process the data collected in this way in order to analyze your usage behavior or your browser settings.

We would like to point out that, depending on the country in which the service provider named below is based, the data specified below may be transmitted to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection stipulated by the GDPR will not be complied with and that your rights will not be able to be enforced or can only be enforced with difficulty. If the service provider we use offers the processing of the data exclusively within the EU, we intend - if not already implemented at this time - to process your data exclusively there.

 

Affected data:

  • Inventory data (e.g. names, addresses),

  • Contact details (e.g. email addresses, telephone and cell phone numbers)

  • Content data (e.g. photos, videos, texts),

  • Usage data (e.g. times of access, websites visited, interest in content),

  • Metadata (e.g. IP address, computer system information)

 

Affected people:  Interested parties, communication partners, customers, employees (e.g. applicants, current and former employees)

Processing purpose:  Organization of office and administration tasks

Legal basis : Consent, Article 6 (1) (a) GDPR, fulfillment of contracts and pre-contractual inquiries, Article 6 (1) (b) GDPR, legitimate interest, Article 6 (1) (f) GDPR

 

Used cloud service providers:

Microsoft cloud services

Service provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA
Website:
  https://www.microsoft.com/de-de/microsoft-365/onedrive/online-cloud-storage
Data protection:
  https://privacy.microsoft.com/de-de/privacystatement

 

Web.de Freemail online storage

Service provider: 1 & 1 Mail & Media GmbH, Karlsruhe branch, Brauerstr. 48, 76135 Karlsruhe
Website:
  https://web.de/online-speicher/
Data protection:
  https://web.de/datenschutz/

 

Cookies

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored and stored on the device you are using. Cookies are primarily used to exchange information between the device you are using and our website. This includes the language settings on a website, the login status or the point at which a video was viewed.

 

Two types of cookies are used when you visit our website:

  • Temporary cookies (session cookies):  These store a so-called session ID, with which various requests from your browser can be assigned to the common session. The session cookies are deleted when you log out or close your browser.

  • Permanent cookies:  Permanent cookies are saved even after the browser is closed. This means that our website recognizes your computer when you return to our website. For example, information on language settings or log-in information is stored in these cookies. In addition, these cookies can be used to document and save your surfing behavior. This data can be used for statistical, marketing and personalization purposes.

 

In addition to the above classification, cookies can also be differentiated with regard to their purpose:

  • Necessary cookies : These are cookies that are absolutely necessary for the operation of our website, to save logins or shopping carts for the duration of your session, or cookies that are set for security reasons.

  • Statistics, marketing and personalization cookies:  These are cookies that are used for analysis purposes or for range measurement. Such "tracking" cookies can, in particular, be used to store information on search terms entered or the frequency of page views. In addition, the surfing behavior of an individual user (e.g. viewing certain content, using functions, etc.) can also be saved in a user profile. Such profiles are used to show users content that corresponds to their potential interests. Insofar as we use services through which cookies are stored on your device for statistical, marketing and personalization purposes, we will inform you separately in the following sections of our data protection declaration or in the context of obtaining your consent.

 

Affected data:

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address).

 

Affected people:  Users of our online offers

Purpose of processing : playing our website, ensuring the operation of our website, improving our website, communication and marketing

 

Legal basis:
Legitimate interest, Art. 6 Para. 1 lit. f GDPR

If we do not obtain your consent to the setting of cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, in particular the content and functions. You have to object to the use of the cookies set by us as part of our legitimate interest via the security settings of your browser. There you have the option of whether you accept no cookies from the start, whether you only accept cookies on request, or whether you want cookies to be deleted each time you close your browser. If cookies are deactivated for our website, it is possible that not all functions of the website can be used to their full extent.

 

Web hosting

We use a provider to provide our website, on whose server our website is stored and made available for retrieval on the Internet (hosting). The provider can process all of the data transmitted via the browser you are using that is generated when you use our website. This includes in particular your IP address, which the provider needs in order to be able to deliver our online offer to the browser you are using, as well as all the entries you have made via our website. In addition, the provider we use can  

  • the date and time of access to our website

  • Time zone difference to Greenwich Mean Time (GMT)

  • Access status (HTTP status)

  • the amount of data transferred

  • the internet service provider of the accessing system

  • the type of browser you are using and its version

  • the operating system you are using

  • the website from which you may have accessed our website

  • the pages or sub-pages that you visit on our website.

to raise. The aforementioned data are stored as log files on our provider's servers. This is necessary to ensure the stability and security of the operation of our website.

 

Affected data:

  • Content data (e.g. posts, photos, videos)

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address)

 

Affected people:  Users of our website

Purpose of processing : playing our website, ensuring the operation of our website

Legal basis : Legitimate interest, Art. 6 Para. 1 lit. f GDPR

 

Web host (s) commissioned by us:

wix

Service provider: Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel
Website:
  https://de.wix.com/#
Data protection:
  https://de.wix.com/about/privacy

 

contact

Insofar as you address us via e-mail, social media, telephone, fax, post, our contact form or in any other way and provide us with personal data such as your name, your telephone number or your e-mail address or other information about yourself or If you make your request, we process this data to answer your request within the framework of the pre-contractual or contractual relationship that exists between us.

Affected data:

  • Inventory data (e.g. names, addresses)

  • Contact details (e.g. email address, telephone number, postal address)

  • Content data (texts, photos, videos)

  • Contract data (e.g. subject of the contract, duration of the contract)

 

Affected persons : interested parties, customers, business and contractual partners

Purpose of processing : communication and answering contact inquiries, office and organizational procedures

Legal basis : Contract fulfillment and pre-contractual inquiries, Art. 6 Para. 1 lit. b GDPR, legitimate interest, Art. 6 Para. 1 lit. f GDPR

Your comments or ratings 

You have the option of commenting on our contributions, expressing your opinion or posting content in the areas provided on our website. Since we can be held liable for illegal content of your comment (insults, defamatory criticism, hatred of the masses, forbidden representation of violence, etc.), we store your IP address for a period of 7 days in order to be able to determine your identity if necessary.

Legal basis : Art. 6 Para. 1 lit.f GDPR

 

Affected data :

  • Inventory data (e.g. names, addresses)

  • Content data (e.g. posts, photos, videos)

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address)

 

Purpose of processing : fulfillment of contractual obligations, communication and processing of inquiries, obtaining feedback, security measures.

 

Processing of your data when you place an order in our online shop

If you place orders via our online shop, we will process the information you provided during the ordering process in order to be able to process your order. This includes, in particular, your name and your address and electronic contact details, information on processing the payment process and the details of your specific order. We will tell you which data we need in detail during the ordering process.

If it is necessary to fulfill the contract concluded between us, to protect your vital interests or due to legal provisions, we will transmit your data to third parties, such as the logistics company commissioned with the delivery, to payment service providers for the purpose, taking into account your rights the payment processing as well as our tax advisor. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

 

Information about the shop system we use

We use the shop system mentioned below from a third party provider, through which we process orders and incoming payments and administer our inventory. If you place an order in our online shop, we will pass on your name as well as your address and electronic contact details, information on processing the payment process and the specific order to the provider of the shop system in order to process the order and payment processes.

 

Affected data:

  • Inventory data (e.g. names, addresses)

  • Payment data (e.g. bank details, invoices)

  • Contact details (e.g. email address, telephone number, postal address)

  • Contract data (e.g. subject of the contract, duration of the contract)

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address)

 

Affected persons : customers, interested parties, business and contractual partners

Purpose of processing : Processing of orders, communication and, if necessary, marketing as well as answering inquiries, data security, office and organizational procedures

Legal basis : Contract fulfillment and pre-contractual inquiries, Art. 6 Paragraph 1 lit. b GDPR, legal obligation, Art. 6 Paragraph 1 lit. c GDPR, legitimate interest, Art. 6 Paragraph 1 lit. f GDPR

 

Payment service provider

In accordance with our legal obligations or because of our legitimate interests in efficient, secure and customer-oriented payment processing, people who have concluded a contract or other legal relationship with us can use banks and credit institutions as well as other payment service providers to make payments. The payment service providers we offer process inventory data in this context, including name, address or bank data such as account / credit card number, passwords, TANs, check numbers as well as information on the contract concluded and information on the recipient of the payment.

 

The data collected in this context is required so that the payment service provider can process payments. Only the payment service provider commissioned by us collects and processes this personal information. At no point do we receive any information about your bank account or credit card details. We are informed by our payment service provider whether the payment has been received from our customers or not. It is possible for our payment service providers to forward our customers' data to business information files in order to be able to check the identity and creditworthiness of the payer. In this regard, we refer to the data protection declaration and general terms and conditions (GTC) of our payment service providers.

 

The terms and conditions and data protection provisions of the respective payment service provider apply. You can find this information on the website of the service provider concerned or in the transaction application. For further information and for the assertion of your rights regarding revocation and information, we refer to the provisions of the respective service provider.

 

Affected data:

  • Inventory data (e.g. name, address),

  • Usage data (e.g. websites visited, interest in certain topics, times of access),

  • Payment data (e.g. bank details, invoices, payment history),

  • Business transaction data (e.g. duration, customer category, subject matter of the contract),

  • Communication and metadata (e.g. IP address, information about the device or computer system)

 

Purpose of processing : Effective, secure and customer-oriented payment offers (service) as well as processing of payments in accordance with contractual agreements

Legal basis : fulfillment of the contract and fulfillment of pre-contractual inquiries, Art. 6 Para. 1 lit. b GDPR, legitimate interests, Art. 6 Para. 1 lit. f GDPR

Revocation options: You can revoke your consent to the use of personal data at any time by contacting the respective payment service provider. Despite revocation, the payment service provider may still be entitled to process, use and transmit the personal data that are absolutely necessary for contractual payment processing. With regard to the storage and timely deletion of personal data, we refer to the respective data protection regulations of the payment service provider.

 

We use the following payment service providers:

 

Instant bank transfer

Service provider: SOFORT GmbH, Theresienhöhe 12, 80339 Munich
Website:
  https://www.sofort.de/index.html
Data protection:
  https://www.sofort.de/datenschutz.html

 

PayPal

Service provider: PayPal (Europe) S.à.rl et Cie., SCA, 22-24 Boulevard Royal, 2449 Luxembourg
Website:
  https://www.paypal.com/de/webapps/mpp/home
Data protection:
  https://www.paypal.com/de/webapps/mpp/ua/privacy-full#

 

Rating seal

In order to give you a first impression of the quality of our offers and services, we use the evaluation seal (also called evaluation widget) integrated on our website to display a selection of reviews from our customers and the overall rating formed from all reviews. If you click on the widget, you will be redirected to the website of the respective provider. There you can call up all reviews of our offer. You can also rate us there.

 

The provider's seal integrated on our website is played out via an interface from the respective provider's server. For this purpose, when you visit our website, a data connection to the provider's server is established. This provides the provider with certain data that are required to display the content of the widget on your browser. This includes the IP address assigned to you and other access data.

 

Affected data:

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address).

 

Affected people:  Customers, users of our website

Purpose of processing : Obtaining customer feedback, as well as interest- and behavior-related marketing

Legal basis : Consent, Article 6 (1) (a) GDPR, legitimate interest, Article 6 (1) (f) GDPR

 

We use the following rating seals:

 

The third-party plugins we use

We have plugins in the form of. "Social media buttons" of the providers we use are embedded. You can identify which plug-in belongs to which provider by the respective logo with which the plug-in is identified. We have deactivated the social media plug-ins on our website by default, so that data is not automatically transmitted to the provider of the plug-in when you visit our website. We use the so-called Shariff solution for this purpose. Only when you click on the “social media button” of the respective provider will the collection of information and its transmission to the provider be triggered. If you click on one of these buttons, data can be sent to the operator of the social network even if you do not have an account there or have an account there, but are not logged in at the moment of visiting our website.

 

We would like to point out that, depending on the country in which the service provider named below is based, the data specified below may be transmitted to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection stipulated by the GDPR will not be complied with and that your rights will not be able to be enforced or can only be enforced with difficulty.

 

Affected data:

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address)

 

Affected persons : users of our website

Purpose of processing : playing our website, offering content, ensuring the operation of our website

Legal basis : Consent via cookie consent banner, Article 6 (1) (a) GDPR, legitimate interests, Article 6 (1) (f) GDPR

We use the following plugins:

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland
Website: https://www.facebook.com/
Data protection:
  https://www.facebook.com/about/privacy/
Data protection declaration for Facebook pages:
  https://www.facebook.com/legal/terms/information_about_page_insights_data

 

Our online presence on social networks

We operate online presences within the social networks listed below. If you visit one of these presences, the data listed below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and usage profiles are created. In the usage profiles, data can be saved regardless of the device you are using. This is particularly the case if you are a member of the respective platform and logged in to it. The usage profiles can be used by the providers to show you interest-based advertising. You have a right of withdrawal against the creation of user profiles. In order to exercise this, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider can collect data about your usage behavior on our website. To prevent your data from being linked in this way, you can log out of the provider's service before visiting our website.

 

For what purpose and to what extent data is collected by the provider, you can refer to the respective data protection declarations of the providers, which are communicated below.

 

We would like to point out that, depending on the country of domicile of the provider named below, the data collected via its platform can be transferred and processed outside of the European Union. In this case, there is a risk that the level of data protection stipulated by the GDPR will not be complied with and that your rights will not be able to be enforced or can only be enforced with difficulty.

 

Affected data:

  • Inventory and contact details (e.g. name, address, telephone number, email address)

  • Content data (e.g. posts, photos, videos)

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address).

 

Purpose of processing : communication and marketing, tracking and analysis of user behavior

Legal basis : Consent, Article 6 (1) (a) GDPR, legitimate interests Article 6 (1) (f) GDPR

Opposition options : For information on the respective options for objection (opt-out), please refer to the information provided by the provider linked below.

 

We maintain an online presence on the following social networks:

 

Facebook

Service provider: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland
Website:
  https://www.facebook.com/
Data protection:
  https://www.facebook.com/about/privacy/
Data protection declaration for Facebook pages:
  https://www.facebook.com/legal/terms/information_about_page_insights_data

 

Content services

We use certain services to be able to display certain content or graphics (videos, images, music, fonts, maps) on our website. The services we use process the IP address assigned to you at the time of your visit to our website, as this is the only way to display the respective content in the browser you are using. In addition, the providers of these services can set additional cookies on your device, which collect information about your usage behavior, your interests, the device and browser you are using, as well as the time and duration of your session. The providers regularly use this data for analysis, statistical and marketing purposes. This information can also be combined with information from other sources. This applies in particular if you yourself have an account with the service provider and are logged in there at the time of the session.

 

We would like to point out that, depending on the country in which the service provider named below is based, the data specified below may be transmitted to and processed on servers outside the European Union. In this case, there is a risk that the level of data protection stipulated by the GDPR will not be complied with and that your rights will not be able to be enforced or can only be enforced with difficulty.

 

Affected data:

  • Usage data (e.g. access times, websites clicked on)

  • Communication data (e.g. information about the device used, IP address)

 

Affected people:  Users of our website

Purpose of processing : playing our website, offering content, ensuring the operation of our website

Legal basis : Consent via cookie consent banner, Article 6 (1) (a) GDPR, legitimate interests, Article 6 (1) (f) GDPR

 

We use the following content services:

 

Google Maps

We use Google Maps on our website. Here, Google collects and processes the visitor's IP address. When you visit a website on which Google Maps is integrated, regardless of whether you are actually using Google Maps or whether you are logged into your Google account, your IP address and your location data (the latter usually not without your consent) transmitted to Google. Your IP address will be assigned to your Google account if you are logged in there when you visit our website.

 

Service provider: Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA
Headquarters in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Website:
  https://www.google.de/maps
Data protection:
  https://policies.google.com/privacy
Opt-out option :
  https://tools.google.com/dlpage/gaoptout?hl=de

 

Safety measures

We also take state-of-the-art technical and organizational security measures in order to comply with the provisions of data protection laws and to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

Up-to-dateness and changes to this data protection declaration

This data protection declaration is currently valid and is as of October 2020. Due to changed legal or official requirements, it may be necessary to adapt this data protection declaration.

This data protection declaration was created with the help of the data protection generator from SOS Recht. SOS Law is an offer from Mueller.legal Rechtsanwälte Partnerschaft based in Berlin.

Data privacy statement