Data privacy

Information about the processing of your data

In accordance with Article 12 of the General Data Protection Regulation (hereinafter: GDPR) we are obliged inform you about how we process your data when you use our website. We take the protection of your personal data very seriously and this data privacy policy is intended to inform you about the details of the processing of your data and your associated rights.

We reserve the right to adapt our data privacy policy with effect for the future, especially with regard to the development of our website, the use of new technologies or changes to underlying legislation and corresponding legal judgements.

We would recommend that you read the data privacy policy from time to time and to print out and store a copy with your records.

Definitions

  • Website“ or „online presence“ refers below to all pages of the controller at allinvos.de.
  • Personal data“ means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data are therefore data such as the name, e-mail address and phone number of a person, but possibly also information about their personal preferences, hobbies and club memberships.
  • Processing“ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Pseudonymisation“ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  • Consent“ below means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
  • Google“ below refers to Google, LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; it can be reached in the European Union under: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

Scope

This data privacy policy applies to all pages on www.allinvos.de. It does not extend to any website or online presence of other providers that may be linked to.

Provider responsible/ provider’s representative in the European Union (EU)

Party responsible for the processing of personal data (‘controller’) within the scope of this data privacy policy:

Allinvos GmbH

Frankfurter Straße 10-14

65760 Eschborn
Germany

Phone: +49 (0) 6196 77448 0

E-Mail: zukunft@allinvos.de

represented by: Mr Sascha de Clerque

Questions concerning data privacy

Please contact our data protection officer if you have any questions about data privacy with regard to our company or our website:

Spirit Legal LLP Rechtsanwälte

Attorney-at-law and data protection officer

Peter Hense

Postal address:

Data protection officer

c/o Allinvos GmbH

Frankfurter Straße 10-14

65760 Eschborn
Germany

Contact via encrypted online form:

Datenschutzbeauftragten kontaktieren

or at:

datenschutzbeauftragter@allinvos.de

Security

We have taken comprehensive technical and organisational measures to protect your personal data from unauthorised access, misuse, loss and other external accidental events. To this end, we review our security measures on a regular basis and update them to reflect the latest state of the art.

Your rights

You have the following rights with regard to personal data concerning you that you may assert against us:

  • Right of access (GDPR Article 15)
  • Right to rectification (GDPR Article 16) or erasure (GDPR Article 17),
  • Right to restriction of processing (GDPR Article 18),
  • Right to object to processing (GDPR Article 21),
  • Right to withdraw consent (GDPR Article 7 Section 3),
  • Right to receive data in a structured, commonly used and machine-readable format (“data portability”) and right to transmit those data to another controller provided the condition of GDPR Article 20 Section 1 Paragraphs a, b are met (GDPR Article 20)

You can assert your rights by notifying the contact whose details are listed under “Provider responsible” or by notifying the data protection officer designated by us.

You also have the right to lodge a complaint with a data protection supervisory authority about the way we process your personal data (GDPR Article 77).

Use of the website, access data

As a general principle, you can use our website for purely informational purposes without disclosing your identity. When you access one of the pages on the website in this way, only the data required for the web page to be presented to you will be transferred to our webspace provider. These include the following:

  • Browser type/ browser version
  • Operating system used
  • Language and version of the browser software.
  • Hostname of the accessing device
  • IP address
  • Website from which the request originates
  • Content of the request (actual page)
  • Date and time of the server request
  • Access status/ HTTP status code
  • Referrer URL (previously visited page),
  • Data volume transferred
  • Time zone difference to Greenwich Mean Time (GMT)

The temporary processing of the IP address by the system is necessary in order to allow the website to be technically delivered to your computer. Processing of your IP address is necessary for the duration of the session. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f.

The access data are not used to identify individual users and are not merged with data from other sources. The access data are deleted when they are no longer needed to achieve the purpose for which they were processed. This is the case when you terminate your visit to the website if data are collected for the purpose of making the website available.

IP addresses are stored in logfiles in order to ensure the functionality of the website. Moreover, the data helps us to optimise the website and the ensure the security of our IT systems. In this context, the data are not analysed for marketing purposes. As a general principle, the data are deleted after seven days at the latest – further processing above and beyond this is possible in individual cases. In such a case, the IP address will be altered in such a way that it will be no longer possible to attribute it to the calling client.

It is absolutely essential to capture the data for the provision of the website and to process the data in logfiles in order to operate the website. You may object to this processing. In the event of a valid objection, we will examine the facts of the case and either cease or modify data processing, or provide compelling legitimate grounds that justify our continued data processing.

Cookies

In addition to the access data described above, so-called cookies are stored in the web browser of the device you use when you access the website. These are small text files containing a sequence of numbers that are stored locally in the buffer of the browser used. Cookies are not a part of a PC system and cannot execute any program. They are used to make our website more user-friendly. The use of cookies may be technically necessary, or may be used for other purposes (e.g. analysis/ evaluation of website use).

  1. Technically necessary cookies

Some elements on our website require the calling browser to be identified even after switching to another page. The following data in the cookies are processed this case:

  • Language settings
  • Items in the shopping cart
  • Log-in information

User data collected by cookies that are technically necessary are not used to create user profiles. We also use „Session-Cookies“ that store a session ID and which are used to attribute the various requests made by your browser during the entire session. Session cookies are necessary for you to use the website. In particular, they enable us to recognise the device you use when you return to the website. We use this type of cookie to recognise you when your revisit our website when you have an account with us, as otherwise you would have to log back in again on each visit. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. We use session cookies to make your website experience more attractive and effective. Session cookies are deleted as soon as you log out or close your browser.

Most browsers are preconfigured to accept cookies automatically. You may object to the processing of your data by cookies. You can disable or restrict the transmission of cookies by changing the settings in your web browser. Any cookies that are already stored can be deleted at any time. This can also be automated. If you disable cookies for our website, you might not be able to use all the functions of the website to their full extent.

  1. b) Technically unnecessary cookies

In addition, we also use cookies on our website that allow users’ surfing behaviour to be analysed. In this case, data such as the following are stored and processed:

  • Search terms entered
  • Frequency of page access
  • Use of website functions

These cookies are used to make your website experience more efficient and attractive. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. Cookies that are not technically necessary are automatically deleted after a predefined period that can vary from cookie to cookie.

You may object to the processing of your data by cookies. If you do not wish cookies to be used, you can change your browser settings to block cookies from being stored – either generally or selectively – and to remove cookies that are already stored. You can also opt to display corresponding information before a new cookie is set. Changing your browser’s settings regarding the use of cookies or disabling them may possibly restrict the functional scope of the website.

We provide separate information below about the integration of cookies from third-party providers on our website.

Contacting our company

When you contact out company, for example by e-mail or using the contact form on the website, we will process the personal data you disclose to us in order to process your request.

You will need to provide the following information for us to be able to process a request sent via the contact form on the website: your name or a pseudonym, name and address of the hotel, financial accounting system used, the number of vendor invoices per year and a valid e-mail address. Furthermore, the following data will be processed at the time you send your message to us:

  • IP address
  • Date/ time of registration

The legal basis for processing data is GDPR Article  6 Section 1 Subsection 1 Paragraph f or Article 6 Section 1 Subsection 1 Paragraph b if the purpose of making contact is to enter into a contract.

The sole purpose of processing personal data from the input mask is to deal with the contact request. In the case of contact by e-mail, there is also the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent any misuse of the contact form and to ensure the protection of our IT systems.

No data are disclosed to any third party in connection with this. The data are used for the sole purpose of processing the dialogue. We will erase any data made available in this context once processing is no longer necessary, or we will restrict processing to ensure compliance with any existing statutory requirements for us to retain this data.

You may object to the processing of your personal data for contact requests at any time. This is the case, in particular, when processing is not necessary for the performance of a contract with is, which is explained by us in the above description of the individual functions. It may not be possible to continue processing in this case. In the event of a valid objection, we will examine the facts of the case and either cease or modify data processing, or provide compelling legitimate grounds that justify our continued data processing.

Processing and disclosure of personal data for contractual purposes

We process your personal data when and to the extent that this is necessary for initiating, establishing, performing and/ or terminating a legal transaction with our company. The legal basis for this is GDPR Article 6 Section 1 Subsection 1 Paragraph b.

After the purpose has been fulfilled (e.g. performance of a contract), the personal data will be blocked from any further processing or erased unless we have been authorised to retain the them and to process them in the relevant context on the basis of consent granted by you (e.g. consent to processing of your e-mail address for the dispatch of electronic marketing material), a contractual agreement, legal authorisation (e.g. authorisation to send direct advertising) or on the basis of legitimate interests (e.g. retention for the assertion of claims).

Personal data will be passed on when

  • It is necessary for establishing, performing or terminating legal transactions with our company (e.g. when disclosing data to a payments processor/ carrier in order to perform a contract with you), (GDPR Article 6 Section 1 Subsection 1 Paragraph b), or
  • A subcontractor or agent who we commission for the sole purpose of providing you with the products and services that you request requires these data (unless we explicitly notify you otherwise, such auxiliary persons are only authorised to process data to the extent that this is necessary for the provision of the goods or services), or
  • An enforceable administrative order exists (GDPR Article 6 Section 1 Subsection 1 Paragraph c), or
  • An enforceable judicial order exists (GDPR Article 6 Section 1 Subsection 1 Paragraph c), or
  • We are obliged to do so by law (GDPR Article 6 Section 1 Subsection 1 Paragraph c), or
  • Processing is required to protect the vital interests of the data subject or of another natural person (GDPR Article 6 Section 1 Subsection 1 Paragraph d), or
  • We are authorised or even obliged to pass on the data in pursuit of overriding legitimate interests (GDPR Article 6 Section 1 Subsection 1 Paragraph f).

Any further disclosure of your personal data above and beyond this to other persons, companies or official agencies will not occur unless you have granted your effective consent to such disclosure. The legal basis for this processing is then GDPR Article 6 Section 1 Subsection 1 Paragraph a.

Subcontractors

The controller makes use of the services of third parties to process data on behalf of the controller – such third parties process data on the latter’s behalf (“subcontractors”). The following companies may be involved (depending on the type of contract):

cisbox GmbH
Brühler Str. 58
DE-42657 Solingen

FutureLog AG
Oberneuhofstrasse 12
CH -6340 Baar

AKTIVBANK AG
Postfach 71 03 11
DE-60493 Frankfurt

DEHAG Hospitality Group AG
Frankfurter Str. 10-14
DE- 65760 Eschborn

valido GmbH
Steinacher Str. 6
DE- 90427 Nürnberg

E-mail marketing

Advertising and existing customers

We reserve the right to process the e-mail address provided by you during registration in accordance with statutory provisions for the purpose of sending you content such as that listed below by e-mail during and following contract performance unless you have already objected to the processing of your e-mail address:

  • Additional interesting offers from our portfolio,
  • Information about events of our company,
  • Technical information,

The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. We perform the aforementioned processing for customer care purposes and to increase the quality of our services. We will erase your data if you cancel your newsletter subscription, however within two years after termination of your contract at the latest.

We wish to point out that you may object to receiving direct advertising at any time without incurring any higher charges for transmission than the base tariff. In order to do this, click on the unsubscribe link in the newsletter or send us your objection to the contact whose details are listed under “Provider responsible”.

Newsletter

You have the possibility on our website to subscribe to our newsletter, which we use to inform you about the following topics:

  • Offers from our portfolio,
  • Information about events of our company,
  • Third-party offers (and events) insofar as you have given your consent to this,
  • New items/collections,
  • Special offers/ temporary offers

The following personal data must be provided in order to receive our newsletter:

  • Recipient (name or pseudonym)
  • Valid e-mail address

Registration for our e-mail newsletter involves a double opt-in process. After you input data into the fields marked as mandatory, we will send an e-mail to the e-mail address entered requesting you to explicitly confirm your registration for the newsletter (by clicking on a confirm link). This is how we ensure that you actually wish to receive our e-mail newsletter. If confirmation is not provided within 24 hours, we will block the information transmitted to us and automatically delete it within one month at the latest.

Moreover, he following data are also processed when you subscribe:

  • IP address
  • Date/ time of registration for the newsletter,
  • Time of your confirmation via the confirm link.

We process your IP address, the time of your registration for the newsletter and the time of your confirmation in order to document your newsletter registration and to prevent the misuse of your personal data. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. We will process these data for two years after termination of your contract. When you subscribe to our newsletter without concluding a contract, we will process these data for two years following the end of the particular use. We will erase these data on termination of the newsletter subscription.

After your confirmation, we will process the e-mail and address and name/ pseudonym of the recipient in question for the purpose of sending out our e-mail newsletter. The legal basis for this processing is GDPR Article 6Section 1 Subsection 1 Paragraph a. We will erase these data when you terminate your newsletter subscription.

Consent to the processing of your e-mail address for the receipt of the newsletter may be withdrawn at any time, either by sending us a message (cf. contact data under “Provider responsible/ provider’s representative in the European Union” or by unsubscribing directly using the link contained in the newsletter.

“MailChimp” e-mail marketing service

We use the “MailChimp” e-mail marketing service provided by the Rocket Science Group, LLC (675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, web: https://mailchimp.com/; hereinafter: “MailChimp”).

If you subscribe to our newsletter, the data you disclosed on registration will be stored and processed on MailChimp servers in the USA. MailChimp processes this information on our behalf to send out and analyse the newsletter. MailChimp newsletters contain so-called “web-beacons” – pixel-sized files that are retrieved by the MailChimp server when the newsletter is opened. During access, technical information such as browser used, the time at which the page was accessed and IP address is collected. This information is processed for the analysis and technical optimisation of the service. Furthermore, an analysis is also performed to see whether newsletters are opened, when they are opened and what links the reader clicks on. This information can in theory be attributed to individual newsletter recipients. However, neither we nor MailChimp intend to monitor individual recipients. The analysis of the listed information serves rather to identify the reading habits of recipients in order for us to adapt and disseminate the content of our newsletters accordingly. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. We have no knowledge of the storage period at MailChimp and we have no influence over it.

You may object to processing with effect for the future by clicking on the unsubscribe link at the bottom of the newsletter. This will also terminate processing for the receipt of the newsletter and for statistical analysis It is not possible to object to dispatch via MailChimp and statistical analysis separately.

Alternatively, you can object under http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the territory of the European Union).

Furthermore, according to information supplied by MailChimp, they can use the transmitted information to optimise and improve their own services, for example to technically optimise the way the newsletters are sent out and displayed. According to MailChimp, they do not process the data in order to send you their own data, and they do not pass on the data to third parties.

It may happen that, as recipient of the newsletter, you are transferred to MailChimp’s website, for example when you have display problems in your e-mail application and you click on the link contained in the newsletter to access the newsletter online. We would point out in this connection that additional analytical services and cookies may be deployed on the MailChimp website that might well process your personal data on MailChimp's behalf. We have no influence on this processing.

MailChimp is certified under the US-EU „Privacy Shield“ data protection agreement and undertakes to comply with the data protection stipulations of the European Union. You can find more information on the MailChimp website at https://mailchimp.com/legal/privacy/.

Hosting

We use external hosting services for the provision of the following services: infrastructure and platform services, computing capacity, storage resources and database services, security and technical maintenance services. In this case, all data necessary for the operation and use of our website are processed.

We use external hosting services to operate our website. Our aim in using external hosting services is to achieve the efficient and secure provision of our web services. The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f.

It is absolutely essential to capture data for the provision of the website and to process data via external web-hosting providers in order to operate the website. You may object to this processing. In the event of a valid objection, we will examine the facts of the case and either cease or modify data processing, or provide compelling legitimate grounds that justify our continued data processing.

Integration of third-party content

The website integrates third-party content such as video clips, maps, RSS feeds and images from other websites. This integration assumes that the providers of this content (“third-party providers”) will note the IP addresses of users, because it is not possible for them to send the content to the relevant user’s browsers without the IP address. The IP address is therefore necessary for this content to be displayed.

We strive to only use content from third-party providers who process the IP address for the sole purpose of delivering content. However, we have no influence on third-party providers processing the IP addresses, e.g. for statistical purposes. Below we provide clarification insofar as we are aware of this.

Some third-party providers may process data outside the European Union.

You may object to this by installing a JavaScript blocker like the ‘NoScript’ browser plugin (www.noscript.net) or by disabling JavaScript in your browser.

However, this may result in restricted functionality on the website.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter: “reCAPTCHA”) on our website. The provider of the service is Google.

reCAPTCHA is intended to check whether data input on the website (e.g. in a contact form) was performed by a human being or by automated software. To this end, reCAPTCHA analyses a visitor’s behaviour based on a number of different characteristics. This analysis starts automatically as soon as a user accesses the website. reCAPTCHA evaluates a variety of information for the analysis (e.g. IP address, duration of the user’s visit to the website or the user's mouse movements). The data collected in the analysis are forwarded to Google.

reCAPTCHA analysis runs entirely in the background. You are not notified that an analysis is taking place.

The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. We have a legitimate interest in protecting our website against improper, automated spy attacks and unwanted e-mail advertising (SPAM). We have no knowledge of the storage period at reCAPTCHA and we have no influence over it.

You may object to the processing of your data at any time. This is the case, in particular, when processing is not necessary for the performance of a contract with us; this is explained by us in the preceding description of the individual functions. It may not be possible to continue processing in this case. In the event of a valid objection, we will examine the facts of the case and either cease or modify data processing, or provide compelling legitimate grounds that justify our continued data processing.

You can find more information about Google reCAPTCHA and Google's data privacy policy at: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.

Integration of Google Maps

This website uses the “Google Maps“ service from Google to display sections of maps, giving you the convenience of using the map function on this website.

Your visit to our website provides Google with the information that you called the web page in question on our website. In addition, the data listed under “Access data” are also transmitted to Google. This happens independently of whether you have a Google user account to log in with, or whether you have no user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish assignment to your Google profile, you must log out before clicking on the button.

Google stores your data as usage profiles and processes them for the purpose of advertising, market research and/or tailoring its website to requirements. This analysis is conducted (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website.

The legal basis for this processing is GDPR Article 6 Section 1 Subsection 1 Paragraph f. Processing enables us to make our website a more enjoyable experience and to offer you additional services. We have no knowledge of the storage period at Google and we have no influence over it.

You can obtain further information about the purpose and scope of data processing by the plugin provider in the provider’s data protection policy. There you will also find additional information about your respective rights and settings options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and is subject to the terms of the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. You can find further information about the terms of use of Google Maps at https://www.google.com/intl/de_de/help/terms_maps.html.

You have the right to object to the creation of such user profiles; however, you must contact Google direct in order to exercise this right.. You can disable or restrict the transmission of cookies by changing the settings in your web browser. Any cookies that are already stored can be deleted at any time. This can also be automated. If you disable cookies for our website, you might not be able to use all the functions of the website to their full extent.

Usage-based online advertising

Facebook Custom Audiences

In addition, this website uses the “Website Custom Audiences” function via the “Facebook pixel” from Facebook Inc. (the provider is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, e-mail: impressum-support@support.facebook.com, information about data privacy at: https://www.facebook.com/privacy/explanation; im Weiteren: „Facebook“).

This allows users of the website to be shown interest-based advertisements (“Facebook ads”) when they visit the Facebook social network or other websites also using the same process. Our aim here is to show you advertising that is of interest to you in order to make our website more interesting for you.

Owing to the marketing tools that are deployed, your browser automatically establishes a connection to the Facebook server. We have no influence on the scope and further processing of the data that are collected by Facebook through the deployment of this tool and therefore provide the following information based on the knowledge at our disposal. By integrating Facebook Custom Audiences, Facebook is given the information that you called the corresponding page of our website or clicked on one of our ads. If you are registered with a Facebook service, Facebook can attribute the visit to your account. Even if you are not registered with Facebook, or are not logged in, it is possible for the provider to find out and store your IP address and other identifying characteristics.

The legal basis for this processing is GDPR Article  6 Section 1 Subsection 1 Paragraph f. We do not store any personal data about you in this case. We have no knowledge of the storage period at Facebook and we have no influence over it.

It is possible for users who are logged in to disable the “Facebook Custom Audiences” function at https://www.facebook.com/settings/?tab=ads#_ in order to exercise your right to object.

You can prevent the “Facebook Custom Audiences” function in various ways and thus exercise your right to object:

  • Change the corresponding setting in your browser software to suppress third-party cookies and to prevent any third-party provider ads being displayed;
  • Disable interested-based advertisements of providers who are part of the “About Ads” self-regulating campaign at http://www.aboutads.info/choices, this setting will be deleted when you delete your cookies.

 

You can find more information about processing by Facebook at https://www.facebook.com/about/privacy.

Facebook Analytics

We use the tracking pixel from Facebook Inc. (the provider is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, e-mail: impressum-support@support.facebook.com, information about data privacy at https://www.facebook.com/privacy/explanation; im Weiteren: „Facebook“) to track your user behaviour. The information collected by the tracking pixel cookie serves us solely for statistical purposes, is supplied to us by Facebook in an anonymised form and provides no indication about the user’s identity. It is however associated with your Facebook account in accordance with Facebook’s data privacy policy, stored and used for Facebook’s own marketing purposes in accordance with its data use policy, which also allows transmission of your data to Facebook’s partners. Even if you are not registered with Facebook, or are not logged in, it is possible for the provider to find out and store your IP address and other identifying characteristics.

These data are processed on the basis of GDPR Article 6 Section 1 Subsection f. We deploy Facebook Analytics in order to be able to better analyse our web offering and to improve the services we provide. We do not store any personal data about you in this case. We have no knowledge of the storage period at Facebook and we have no influence over it.

Users who are logged in can disable the “Facebook Analytics” function at https://www.facebook.com/settings/?tab=ads#_ in order to exercise their right to object.

You can prevent the “Facebook Analytics” function in various ways and thus exercise your right to object:

  • Change the corresponding setting in your browser software to suppress third-party cookies and to prevent any third-party provider ads being displayed;
  • Disable interested-based advertisements of providers who are part of the “About Ads” self-regulating campaign at http://www.aboutads.info/choices, this setting will be deleted when you delete your cookies..

You can find out more about Facebooks data protection provisions by referring to its data privacy policy at https://de-de.facebook.com/about/privacy/.

 

Social network plugins

Social network plugins are integrated with our website. These are made available by the following providers:

The plugins can be recognised on our website by the lettering or small stylised icons listed above.

We provide the possibility for you to communicate directly with the plugin provider via the button. It is only when you click on the labelled field to activate it that the plugin provider will receive the information that you have requested the corresponding page of our website. In addition, the data listed under “Access data” are also transmitted.

Facebook and Xing both state that the IP address is anonymised in Germany immediately after collection. Activating the plugin therefore causes personal data to be transferred to the plugin provider in question and processed (in the case of US providers, in the USA). Since the plugin providers collect data in particular via cookies, we recommend that you delete all cookies via the security settings in your browser before clicking on the greyed-out box.
Wir haben weder Einfluss auf die erhobenen Daten und Verarbeitungsvorgänge, noch sind uns der volle Umfang der Datenverarbeitung, die Zwecke der Verarbeitung, die Speicherfristen bekannt. Auch zur Löschung der erhobenen Daten durch den Plug-in-Anbieter liegen uns keine Informationen vor.

We have no influence on the collected data and on the processing procedures, and we do not know the full scope of data processing, the purposes of processing or the storage periods. We do not have any information concerning the erasure of the collected data by the plugin provider, either.

The plugin provider stores the data collected about you as usage profiles and processes these data for the purpose of advertising, market research and/or tailoring its website to your requirements. This analysis is conducted (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website.

The legal basis for the use of plugins is GDPR Article 6 Section 1 Subsection 1 Paragraph f. The plugins enable us to offer you the possibility of interacting with social networks and other users, and allow us to improve our offering and make it more interesting for you as a user.

You have the right to object to the creation of such user profiles; however, you must contact the relevant plugin provider direct in order to exercise this right. You can prevent the creation of user profiled in various ways and thus exercise your right to object:

  • Making a corresponding setting in your browser software will result in third-party cookies being suppressed and not seeing any third-party provider ads;
  • Disable interested-based advertisements of providers who are part of the “About Ads” self-regulating campaign at http://www.aboutads.info/choices, this setting will be deleted when you delete your cookies.

Data are passed on irrespective of whether you have an account with a plugin provider and are logged in there. If you are logged in to a plugin provider, the data collected from us will be assigned directly to your account with that plugin provider. If you click on the activated button and, for example, link the page, the plugin provider will also store this information in your user account and share it publicly with your contacts.

We recommend that you regularly log out after using a social network, especially before clicking on the button, as this will prevent the assignment to your profile with the plugin provider.


Copyright by Spirit Legal LLP

Zertifikat-grau_DEHAG-Hotel-Service-AG_Gruppe Data Protection