We have implemented numerous technical and organisational measures to ensure the most complete possible protection of the personal data processed. Our security measures are continuously improved in line with technological developments. Nevertheless, data transmission on the Internet may have security gaps, so that absolute protection cannot be guaranteed. You are therefore free to transmit personal data to us by other means, e.g. by telephone.
Table of contents
- Nature and purpose of the data processed
- Person responsible for the processing
- Definition of terms
- your rights
- Legal basis of the processing
- Duration of storage
- Cooperation with contract processors
- Tramino software and services
- Social networks
- Services from Google
Nature and purpose of the data processed
Nature of the data processed
- Address data (first and last name, address, telephone number, e-mail)
- Text entries (messages), photographs (uploads)
- Usage data, websites visited, access times
- IP addresses and metadata (device information)
- Visitors and users of our online offer
Purpose of the processing
- Provision of the online presence with contents and functions
- Processing of bookings and orders
- Processing of contact requests and sent messages
- Security measures
- Statistical evaluations
Person responsible for the processing
is the controller within the meaning of the basic data protection regulation:
Tel: +49 (9371) 5500
Fax: +49 (9371) 65511
Handy: +49 (176) 64176195
Definition of terms
- "Personal data" is all information that can be identified on persons known to us or by means of data stored with us.
- "processing' means any operation, whether manual or automatic, whereby personal data are loaded, allocated, stored or modified
- As "controller" we refer to persons, authorities or institutions that decide on the purposes and means of processing personal data.
- You have the right to obtain confirmation of whether your data is being processed by us, to be informed of this information and to receive a copy of the data (Art. 15 DSGVO)
- You have the right to correct or complete data concerning you (Art. 16 DSGVO)
- You have the right to have your data deleted immediately (Art. 17 DSGVO) or to demand a restriction on their processing (Art. 18 DSGVO).
- You have the right to receive your personal data as a file or to request that it be communicated to other responsible parties (art. 20 DSGVO)
- You have the right to object to future processing of your data at any time (Art. 21 DSGVO)
- You have the right to revoke consents granted in accordance with Art. 7 Para. 3 DSGVO with effect for the future
- Under Art. 77 DSGVO, they also have the right to lodge a complaint with the competent supervisory authority.
Legal basis of the processing
Art. 6 of the DSGVO serves our company as the legal basis for all processing operations. We process your data only if:
- you have given your consent to the processing of your personal data for one or more specific purposes
- the processing is necessary for the performance of a contract or for carrying out pre-contractual measures taken in response to your request
- the processing is necessary for the fulfilment of a legal obligation to which you are subject
- the processing is necessary to protect your vital interests or those of another person
- the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us (Reporting Act)
- processing is necessary for the protection of our legitimate interests or those of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.
Duration of storage
We adhere to the respective legal retention period for the maximum duration of storage of your personal data. After this period has expired, the corresponding data is routinely deleted if it is no longer required for the fulfilment or initiation of a contract.
All personal data processed by us will be deleted or restricted for further processing in accordance with Art 17 & 18 DSGVO. In concrete terms this means: personal data will be deleted when they are no longer required to fulfil the desired purposes or when the legal obligation to retain them has expired. This applies in particular to invoices, accounting vouchers and business records.
Cooperation with contract processors
If a transmission of the data to third parties is necessary for the fulfilment of the contract, this will only take place:
- on the basis of the legal permit pursuant to Art. 6 Para. 1 lit. b DSGVO
- on the basis of your consent
- where a legal obligation so provides
- on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.)
If we commission third parties with processing on the basis of a so-called "contract processing agreement", this is done on the basis of Art. 28 DSGVO.
Software and services of ALL-INKL.com
For the operation of this website and the associated software we use the products of our technical service provider All-inkl (registered office: Hauptstraße 68, 02742 Friedersdorf) on the basis of our legitimate interests pursuant to Art. 6 Para. 1 lit. f DSGVO and a contract processing agreement pursuant to Art. 28 Para. 3 sentence 1 DSGVO. The service provider does not use the personal data processed in this way itself or pass them on to third parties.
Together with all-incl technical and organizational security measures in accordance with § 9 BDSG, we use your data managed by us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously improved in accordance with technological developments. We store data protection-relevant information exclusively on secured EDP systems in Germany. Access to this data is only possible for a few authorized persons who are responsible for the technical, administrative or editorial maintenance of data and who are obliged to observe special data protection regulations.
Hosting, access data and log files
For the purpose of operating this online offer, we use hosting services from all-inkl for the following services:
- Provision of our online platform
- Provision of software, computing capacity, storage space and database
- Security services and technical maintenance
In doing so, we or our hosting provider process the data on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 letter f DSGVO in conjunction with Art. 28 DSGVO content data, personal data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer. In particular, every access to the server on which this service is located is stored in a log file. In detail the following is stored:
- Name of the web page or file retrieved
- Date and time of retrieval
- transmitted data volume, message about successful retrieval
- Browser type and version and the operating system used
- the address of the previously visited website
- the IP address of the visitor at the provider used
For security reasons (e.g. to clarify misuse or fraud), log file information is stored for a maximum period of 30 days and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.
- We assign the contents of your shopping cart to your browser so that you can continue a booking or order you have started at a later date.
- If you make settings on our site (e.g. the travel period in the booking mask), we will assign these to your browser so that you do not have to enter them again on your next visit
- When you access our site via a link from another site, we associate the previous address with your cookie, and read this information in the event of a booking, order or inquiry to statistically determine how our customers became aware of us.
- If you use a login function, you do not have to enter your access data every time you visit your website
You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. In addition, cookies that have already been set can be deleted from your Internet browser at any time. If you permanently deactivate the setting of cookies, it is possible that not all functions of our website can be used.
To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.
booking & ordering system
The processing of our bookings or orders is done with DIRS21 software. This service provider is used on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f DSGVO and an order processing contract in accordance with Art. 28 para. 3 sentence 1 DSGVO and does not use the resulting personal data itself or pass it on to third parties.
Data collected during a booking or order (address data with address, communication data such as telephone number and e-mail address) as well as information on accompanying persons (names, dates of birth) are stored in a customer relationship management system ("CRM system"). If you provide special personal data relevant to the performance of our services, e.g. allergy-related incompatibilities, this will also be stored. We will delete this data if it is no longer required to fulfil your requests. We check the necessity every two years; furthermore, the statutory archiving obligations apply.
Our presence in social networks
We are involved in social networks and platforms in order to communicate with the customers and interested parties active there and to be able to inform them about our services. When using the respective networks or platforms, the terms and conditions and privacy policies of their respective operators apply. We only process the data of users when they communicate with us in social networks or platforms, write articles or send us messages.
Use of Google Analytics
The Google tracking codes of this website use the function "_anonymizeIp()", thus IP addresses are only processed in abbreviated form in order to exclude the possibility of direct personal references. The collection and storage of data can be objected to at any time with effect for the future. By clicking the button "Deactivate", tracking is completely disabled. In order for the objection to be made permanently, your browser must accept cookies. Alternatively, you can consent to data collection by using a Google Browser Plugins contradict.
Use of Google Maps
We use the Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data on the use of the map functions by visitors. For more information about data processing by Google, you can download the Google Privacy Notice from the container. There you can also change your personal data protection settings in the data protection center.
Use of Google Fonts
Use of Google ReCaptcha