Welcome to holidayheroes and our online presence, especially at www.holidayheroes.de We are delighted that we have aroused your interest in our region and our offers. The protection of your privacy and your personal data is very important to us. Your data is therefore always collected and used in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 (GDPR), the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the German Act on Data Protection and Privacy in Telecommunications and Telemedia (TTDSG). In the following, we therefore inform you about which data we collect and how we process this data. The person responsible for this online presence within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is: holidayheroes TRAVELSTORE sprl, a limited liability company under Belgian law, Managing Director: Mr. Yoni Alhadeff (Directeur Général), registered office: 11/4, Avenue Docteur Lemoine, 1070 Brussels, telephone 32.2.2621355, e-mail address team@holidayheroes.de (hereinafter abbreviated as "holidayheroes") The operation of our Facebook fan page constitutes processing under joint responsibility pursuant to Art. 26 GDPR. We ourselves have no influence on the processing of data by Facebook. The responsibility for the processing of the so-called Insights data and the fulfillment of corresponding obligations under the GDPR is assumed by Facebook. You can find further information at: https://www.facebook.com/legal/terms/page_controller_addendum and at: https://de-de.facebook.com/help/pages/insights Personal data within the meaning of Art. 4 No. 1 GDPR means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data is only stored insofar as this is necessary for the provision of the booked service, for compliance with legal requirements or for the purpose stated below. Personal data is processed on the following legal bases or for the following purposes: You can withdraw your consent at any time. We would like to point out that the revocation is effective for the future and processing that took place before the revocation is not affected. This applies in particular to the following groups of cases: The collection of personal data becomes essential if you wish to book a stay or other service via our portal or use offers from us for the processing of which personal data is essential. This also includes voucher purchases and participation in competitions. In accordance with the statutory regulations and in the interests of data economy, we only collect data that is required for the provision of this particular service. If we ask you to provide further information in our forms, this is always voluntary and marked as such. If you book a stay or other service, the data collected will be used to process this booking, for advertising purposes and for statistical purposes in accordance with legal requirements. Your personal data will only be passed on within the framework of the relevant regulations, in particular those relating to competition and data protection. Insofar as this is necessary for the provision of the contractual service owed by us or legal obligations, your data will also be passed on to subcontractors or service providers to provide the service in our name or on our behalf (e.g. technical processing of postal and e-mail dispatch, customer service). In addition, the data will be passed on to persons or companies to process your booking, in particular to hosts, hotels, local service providers and authorities, etc. Your data will also be disclosed and transferred to third parties if we are obliged to do so by law or on the basis of legally binding court proceedings. You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided. Data will only be transferred to third countries (countries outside the European Economic Area - EEA) if this is necessary for the execution of our offers, required by law or if you have given us your consent. If required by law, we will inform you of the details. Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that a level of data protection comparable to that in the EU cannot be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It cannot be ruled out that US authorities, such as secret services, may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on this processing activity. We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk within the meaning of Art. 32 GDPR. Your personal data will be stored for the purposes stated under "Purpose of collecting personal data". The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data in accordance with Art. 17 para. 3 GDPR. If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted, i.e. the data is blocked and not processed for other purposes. This includes data that must be retained for tax law reasons. Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser. In some cases, cookies from third-party companies may also be stored on your device when you use our online services (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising. Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this privacy policy and, if necessary, request your consent. You have the option of registering for our newsletter on our website. We process the personal data transmitted via the registration form in order to send you the individual newsletters. For the purpose of measuring reach and evaluating our email marketing campaigns, we collect data on your use of our newsletters, e.g. whether, how often and for how long you read them and which links you click on. The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. a GDPR, if applicable in conjunction with. § Section 7 para. 2 no. 3 UWG. We may also send you certain information by email on the basis of legal permission in accordance with Section 7 (3) UWG. You can revoke your consent at any time with effect for the future (e.g. via the "unsubscribe" link in the newsletter). If you exercise your right of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose no longer applies. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. You can object to the storage if your interests outweigh our legitimate interest. On our website, we use a cookie from the service provider Hubspot of HubSpot Inc, 25 First Street, Cambridge, MA 02141, USA or, in the case of use within the EU, HubSpot Ireland Limited, HubSpot House, One Sir John Rogerson's Quay, Dublin 2, Ireland (hereinafter "HubSpot") to record the individual websites and topics that a registered user views during their visits. Hubspot is an integrated software solution that we use to cover various aspects of our online marketing. By registering on our homepage, we enable users to learn more about our company. For example, you can download content and provide your contact information. This information and the content of our website is stored on HubSpot's servers. We use all information collected exclusively to optimize our marketing measures. You can view Hubspot's privacy policy at: https://legal.hubspot.com/privacy-policy?_ga=2.49766949.2042516961.1652774786-968170581.1652774786 Information on Hubspot's EU data protection regulations can be found at: https://www.hubspot.com/de/data-privacy/privacy-shield Information on the cookies used by HubSpot can be found at: https://legal.hubspot.com/de/cookie-policy The legal basis for the processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future. The personal data will be stored for as long as it is necessary to fulfill the purpose of processing. The data will be deleted as soon as it is no longer required to achieve the purpose. As part of processing via HubSpot, data may be transferred to the USA. The security of the transfer is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent may serve as the legal basis for the transfer to third countries in accordance with Art. 49 para. 1 lit. a GDPR. We use ActiveTrail from ACTIVE TRAIL LTD - 513921072 Drech Begen 48 ,Tel Aviv - Jaffa, IL, to send our newsletter. ActiveTrail is the recipient of your personal data and acts as a processor for us when it comes to sending our newsletter. In addition, ActiveTrail collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. In addition, usage data such as date and time, when you opened the email / campaign and browser activities (e.g. which emails / websites were opened) are collected. ActiveTrail requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This corresponds to the legitimate interest of ActiveTrail (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). ActiveTrail also analyzes performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services. ActiveTrail also collects information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. The declaration of revocation does not affect the legality of the processing carried out to date. Your data will be processed for as long as we have your consent to do so. They will be deleted after termination of the contract between us and ), unless legal requirements make further storage necessary. Further information on objection and removal options vis-à-vis ActiveTrail and the privacy policy can be found at: https://www.activetrail.com/activetrail-general-data-protection-regulation-gdpr/ If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time. We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected. If you contact us by e-mail, telephone or fax, we will store and process your request, including all personal data (name, request), for the purpose of processing your request. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; the consent can be revoked at any time. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected. If you no longer wish to receive our newsletter or our advertising emails, click on the link: "Unsubscribe newsletter", which is included at the bottom of all emails we send. A fully automated decision means that decisions are made by technical means without the direct involvement of a person. Automated decision-making in accordance with Art. 22 GDPR does not take place on our website. In the event that we use this procedure in individual cases, we will inform you of this separately if required by law. Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. We do not process your data with the aim of evaluating certain personal aspects (profiling). This website uses Google Analytics, a web analytics service provided by Google Inc. Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in Ireland. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. The Google tracking codes on this website use the "anonymizeIp()" function, which means that IP addresses are only processed in abbreviated form in order to prevent them being directly linked to individuals. You can object to the collection and storage of data at any time with effect for the future. For the objection to be permanent, the browser used must accept cookies. Alternatively, you can object to the collection of data by using a Google browser plugin to prevent the information collected by cookies (including your IP address) from being sent to Google Ireland Limited and used by Google Ireland Limited. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de The legal basis for the use of Google Analytics is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. You can find the privacy policy at: https://policies.google.com/privacy?hl=en Our online presence uses Google Fonts and the Google Fonts API to visually display fonts and symbols. When using Google Fonts, Google also collects, processes and uses data about the use of the fonts functions by visitors to the websites, unless the data is stored on the local servers of our online presence. You can find more information about data processing by Google in Google's privacy policy at http://www.google.com/privacypolicy.html entnehmen. You can also change your settings there in the data protection center so that you can manage and protect your data. The use of Google Web Fonts is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time. If your browser does not support web fonts, a standard font will be used by your computer. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/gdprcontrollerterms/ https://privacy.google.com/businesses/gdprcontrollerterms/sccs/ You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de Our online presence uses Google Maps and the Google Maps API to visually display a map and geographical information. When Google Maps is used, Google also collects, processes and uses data about the use of the Maps functions by visitors to the websites. The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ https://privacy.google.com/businesses/gdprcontrollerterms/sccs/ You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de Our online presence uses Mixpanel, of the company Mixpanel Inc, One Front Street, Floor 28, San Francisco, CA 94111, USA. Mixpanel supports us in the statistical evaluation of the use of our website in order to constantly optimize our Internet presence and make it more appealing to you as a user. Mixpanel uses pixels that are integrated into our website for analysis purposes. Personal data such as the anonymized IP address, browser, browser version and operating system used are collected. Mixpanel processes personal data in the USA, among other places. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://mixpanel.com/legal/dpa/. The legal basis for the use is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time. Further information can be found in Mixpanel's privacy policy: https://mixpanel.com/legal/privacy-policy/ . If you have given us your express consent to this during or after your order by activating a corresponding checkbox or clicking on a button provided for this purpose ("Rate later"), we will send your e-mail address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne (www.trustedshops.de) as a reminder to submit a rating of your order so that they can remind you by e-mail of the opportunity to submit a rating. This consent can be revoked at any time by sending a message to the contact option described below or directly to Trusted Shops. You can access the privacy policy of trustedshops at: https://www.trustedshops.de/impressum-datenschutz/ Elements of the social network Facebook are integrated on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. An overview of the Facebook social media elements can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE When the social media element is active, a direct connection is established between your end device and the Facebook server. Facebook receives the information that you have visited this website with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation. If consent has been obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the widest possible visibility in social media. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, there is joint responsibility (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The joint obligations have been set out in an agreement on joint processing. You can access the agreement at: https://de-de.facebook.com/legal/terms/page_controller_addendum According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. This website uses social plugins ("plugins") of the social network operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook"). The plugins can be recognized by one of the Facebook logos (hand with raised thumb) or are marked with the addition "Facebook Social Plugin". The list and appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/plugins When a web page of this website containing such a plugin is accessed, the browser used establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the browser used, which integrates it into the website. The provider therefore has no influence on the scope of the data that Facebook collects with the help of this plugin and therefore informs according to its level of knowledge: by integrating the plugins, Facebook receives the information that the corresponding page of our website has been accessed. If the visitor is logged in to Facebook, Facebook can assign the visit to their Facebook account. If the visitor interacts with the plugins (for example, by clicking the "Like" button or posting a comment), the corresponding information is transmitted directly from their browser to Facebook and stored there. If the visitor is not a member of Facebook, it is still possible for Facebook to find out their IP address and store it. We use the social plug-ins to offer you a better user experience on our website and so that Facebook can optimize our advertisements. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options for the protection of privacy can be found in Facebook's data protection information: https://www.facebook.com/policy.php If the visitor is a Facebook member and does not want Facebook to collect data about them via this website and link it to their member data stored on Facebook, the visitor must log out of Facebook before visiting this website. It is also possible to block Facebook social plugins with add-ons for the browser used, for example with the "Facebook Blocker". If consent has been obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the widest possible visibility in social media. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, there is joint responsibility (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The joint obligations have been set out in an agreement on joint processing. You can access the agreement at: https://de-de.facebook.com/legal/terms/page_controller_addendum According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. Functions of the Twitter service are integrated on this website. These functions are offered by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. When the social media element is active, a direct connection is established between your device and the Twitter server. Twitter thereby receives information about your visit to this website. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. Further information on this can be found in Twitter's privacy policy at: https://twitter.com/de/privacy and at: https://help.twitter.com/de/rules-and-policies/data-processing-legal-bases If consent has been obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the widest possible visibility in social media. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html. You can change your data protection settings on Twitter in the account settings at: https://twitter.com/account/settings We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram then receives information about your visit to this website. If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the widest possible visibility in social media. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, there is joint responsibility in accordance with Art. 26 GDPR. The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can access the agreement at: https://de-de.facebook.com/legal/terms/page_controller_addendum According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook and Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook. Further information on this can be found in Instagram's privacy policy: https://instagram.com/about/legal/privacy/. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. On this website, we use elements of the social network Pinterest, which is operated by Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. When you access a page that contains such an element, your browser establishes a direct connection to the Pinterest servers. This social media element transmits log data to the Pinterest server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, your use of Pinterest and cookies. If consent has been obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest in the widest possible visibility in social media in accordance with Art. 6 para. 1 lit. f GDPR. Further information on the purpose, scope and further processing and use of the data by Pinterest as well as your rights and options for protecting your privacy in this regard can be found in Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is usually processed within social networks for market research and advertising purposes. This website uses the "Facebook pixel" of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook"). This allows the behavior of users to be tracked after they have seen or clicked on a Facebook ad. This process is used to evaluate the effectiveness of Facebook ads for statistical and market research purposes and can help to optimize future advertising measures. The data collected is anonymous to us, so it does not allow us to draw any conclusions about the identity of users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook privacy policy (https://www.facebook.com/about/privacy/) The user can enable Facebook and its partners to place advertisements on and outside of Facebook. It may also store a cookie on your computer for these purposes. The user can also deactivate the use of cookies by third-party providers such as Facebook on the following website of the Digital Advertising Alliance : https://www.aboutads.info/choices/ If consent has been obtained, the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the widest possible visibility in social media. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, there is joint responsibility (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The joint obligations have been set out in an agreement on joint processing. You can access the agreement at: https://de-de.facebook.com/legal/terms/page_controller_addendum According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data is generally processed within social networks for market research and advertising purposes. This website uses social media plugins from the social network Xing, which is operated by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany ("XING"). The "social plugins" are recognizable by the XING logo, a stylized "X" made of opposing arrows in green. When this website is accessed, a short-term connection to XING servers is established via the user's browser, with which the "XING share button" functions (in particular the calculation/display of the counter value) are provided. XING does not store any of the user's personal data when this service is accessed. In particular, XING does not store any IP addresses. There is also no evaluation of user behavior through the use of cookies in connection with the "XING Share Button". Users can access the latest data protection information on the "XING share button" and additional information on this website: https://www.xing.com/app/share?op=data_protection If you have given us your consent, this consent is the legal basis for data processing in accordance with Art. 6 (1) GDPR. Your data will be stored and processed on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data within social networks is generally processed for market research and advertising purposes. This website uses plugins from the social network LinkedIn, which is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). Please note that the plugin establishes a connection between your internet browser and the LinkedIn server when you visit our website. LinkedIn is thus informed that this website has been visited with your IP address. If you click on the LinkedIn "Recommend button" and are logged into your LinkedIn account at the same time, you have the option of linking content from our website to your LinkedIn profile page. In doing so, you enable LinkedIn to associate your visit to our website with you or your user account. You should be aware that we have no knowledge of the content of the data transmitted or its use by LinkedIn. For further details on the collection of data and your legal options and settings options, please contact LinkedIn at: https://de.linkedin.com/legal/privacy-policy We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users' rights. Furthermore, user data within social networks is generally processed for market research and advertising purposes. Our website uses technologies from etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany (www.etracker.com) to collect and store data for marketing and optimization purposes. This data can be used to create user profiles under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor's Internet browser. Cookies make it possible to recognize the Internet browser. The data collected using etracker technologies will not be used to personally identify the visitor to this website and will not be merged with personal data about the bearer of the pseudonym without the separately granted consent of the person concerned. The collection and storage of data can be revoked at any time with effect for the future. In order to revoke the collection and storage of your visitor data for the future, you can obtain an opt-out cookie from etracker under the following link, which means that no visitor data from your browser will be collected and stored by etracker in the future: http://www.etracker.de/privacy?et=V23Jbb This sets an opt-out cookie with the name "cntcookie" from etracker. Please do not delete this cookie as long as you wish to maintain your opt-out. Further information can be found in etracker's privacy policy: https://www.etracker.com/datenschutzerklaerung/ This website uses a link to YouTube from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use the "extended data protection mode" when embedding, so that usage information is only transmitted when the video is started. In this case, the specific page of our website you visit and the video you watch are transmitted. If you are logged into your YouTube account, you enable YouTube to assign your page views directly to your personal profile. If you want to ensure that no data about you is stored by YouTube, do not click on the embedded videos. The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/. Further information on the handling of user data can be found in Google's privacy policy at: https://policies.google.com/privacy?hl=de This website uses the software Hotjar (Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta). Hotjar enables us to measure and evaluate user behavior (mouse movements, clicks, scroll height, etc.) on our website. For this purpose, Hotjar places cookies on users' end devices and can store user data such as browser information, operating system, time spent on the site, etc. in anonymized form. You can prevent this data processing by Hotjar by deactivating the use of cookies in your web browser settings and deleting cookies that are already active. You can find out more about data processing by Hotjar at: https://www.hotjar.com/legal/policies/privacy/ This website uses the web analysis tool Lucky Orange (Lucky Orange LLC, 8665 W 96th St Suite #100, Overland Park, KS 66212, USA). Lucky Orange enables us to measure and evaluate user behavior on our website. For this purpose, Lucky Orange places cookies on users' end devices and can store user data and user behavior such as mouse movements, time spent on the site, etc. in anonymized form. The use of Lucky Orange is in the interest of an appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. If you wish to deactivate data collection by Lucky Orange, click on the following link and follow the instructions there: http://help.luckyorange.com Further information on the handling of user data can be found in Lucky Orange's privacy policy: https://www.luckyorange.com/legal/privacy. This website uses the live chat of Olark, a service of Olark Inc, 427 N Tatnall St #63602, Wilmington, DE 19801, which allows us to contact and support visitors to the website. During the chat connection, the location, IP address, browser and website visited are displayed to us. Once the connection has ended, we no longer have access to this data. Olark places cookies on your computer to make it easier for you to surf our website. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can find Olark's privacy policy at: https://www.olark.com/privacy-policy We use the reCaptcha service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland on our website. The purpose of using reCaptcha is to check whether the data entry on the homepage is made by a human or by an automated program. In doing so, reCaptcha analyzes the behavior of the website visitor based on various characteristics, whereby the analysis begins automatically as soon as the website visitor accesses the website. For the analysis, reCAPTCHA then evaluates various information such as IP address, time spent on the website by the website visitor, etc. The data collected during the analysis is forwarded to Google. reCAPTCHA analyses run in the background and website visitors are not informed that an analysis is taking place. The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/ Further information on the handling of user data can be found in Google's privacy policy at: https://policies.google.com/privacy?hl=de You have the right: • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on its details;
; • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us; • in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims; • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR; • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller; • in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future and • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters. If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on this provision. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR). If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR). You are of course entitled to these rights free of charge. To revoke your consent to the use of data, to request information or the correction, blocking or deletion or to exercise the other rights of data subjects, please contact: team@holidayheroes.de We would like to point out that you can most easily assert your data subject rights in connection with your social media use against the social media companies and that you can make further settings options there to protect your privacy with the social media companies. You can contact the supervisory authority responsible for you for complaints within the meaning of Art. 77 GDPR using the following contact details: Bavarian State Office for Data Protection Supervision (BayLDA) Promenade 18 91522 Ansbach Telephone: +49 (0) 89 12 08 67 74 Fax: +49 (0) 89 12 08 67 74 E-Mail: poststelle@lda.bayern.de Security depends not least on your system. You should always treat your access information confidentially, never allow passwords to be saved by the web browser and close the web browser window when you end your visit to our website. This will make it more difficult for third parties to access your personal data. Use an operating system that can manage user rights. Set up several users on your system, even within the family, and never use the Internet with administrator rights. Use security software such as virus scanners and firewalls and keep your system up to date.
1. Person responsible
2. Personal data
3. Purpose of the collection of personal data
c. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis
d. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis,
e. Insofar as the protection of our legitimate interests is required, Art. 6 para. 1 lit. f GDPR serves as the legal basis.
f. We also use the personal data stored by us to maintain customer relationships, for customer support (e.g. information on the course of your stay), to carry out our own advertising and marketing measures (e.g. sending catalogs or other postal advertising mailings) and for order processing. The legal basis for sending promotional emails in connection with bookings and orders is Section 7 (3) UWG.
g. Through your use of social media companies, usage profiles are created based on your usage behavior and used for the use of advertisements. Cookies are usually stored on your computer for this purpose. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
h. Special information concerning our website:
4. Disclosure of personal data to third parties
5. Transfer of the data to a third country or to an international organization
6. Security measures
7. Storage and deletion of data
8. Use of cookies and comparable technologies
9. Newsletter
This enables us to contact subscribers directly. In addition, we analyze your usage behavior in order to optimize our offer. The following personal data is passed on to ActiveTrail, among others: E-mail address, name.
10. Contact form
11. Request by e-mail, telephone or instant messaging services
12. Newsletter - Unsubscription
13. Automated decision in individual cases
14. Use of data for profiling
15. Use of Google Analytics
16. Use of Google Web Fonts
17. Use of Google Maps
18. Use of Mixpanel
20. Use of Facebook
21. Facebook Social Plugins
22. Use of Twitter
23. Use of Instagram
24. Use of Pinterest
25. Use of the Facebook conversion pixel
By visiting our website and our Facebook page, you consent to the use of cookies. To generally object to the use of cookies on the computer, the Internet browser can be set so that no more cookies can be stored on the computer in the future or cookies that have already been stored are deleted. However, deactivating all cookies may mean that some functions on our website can no longer be executed.
26. Use of the Xing social plugin
27. Use of the LinkedIn social plugin
29. Use of YouTube
30. Use of Hotjar
33. Use of reCaptcha
34. Right to information / right of revocation; further rights of data subjects
