Information regarding the Collection, Processing and Usage of Data.
For SilverTours GmbH ("us"), Holzmarkt 2a, 50676 Cologne, Germany, your confidence in the appropriate handling of your data is an important prerequisite for the success of the offer extended by SilverTours GmbH. The collection, the recording, the organisation, the arrangement, the storage, the adaptation or modification, the reading-out, the querying, the usage, the disclosure by transmission, dissemination or any other form of supplying, the reconciliation or the linking, the restriction, the deletion or the destruction of your data will be carried out in accordance with applicable UK and EU data protection law.
This data protection policy applies to the personal data processed in relation to the online website at https://www.camperdays.com/.
1. Name and Address of the Controller
The controller of your personal data is SilverTours GmbH, Holzmarkt 2a, 50676 Cologne, Germany, telephone: 0044 808 189 0178 (at your telephone provider's fixed network rate), firstname.lastname@example.org.
2. Collection, Processing and Usage of Personal Data
Personal data is any information which relates to an identified or identifiable natural person (e.g. name, physical address, telephone number, birthdate or e-mail address). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing refers to each process, or each such series of processes, implemented with or without the aid of automated procedures in relation to personal data such as the collection, the recording, the organisation, the arrangement, the storage, the adaptation or modification, the reading-out, the querying, the usage, the disclosure by transmission, dissemination or any other form of supplying, the reconciliation or the linking, the restriction, the deletion or the destruction thereof.
In principle, you may use our online website without providing personal data. However, the usage of certain services may require the processing of personal data, e.g. registration, the booking of a rental vehicle or the participation in a sweepstakes competition. Obligatory data fields will be marked.
Insofar as you would like to utilise services which require the conclusion of a contractual agreement, we will ask you to provide the required personal data which we need for the purposes of the performance and the fulfilment of the contractual agreement (e.g. your forename and your surname, the forenames and the surnames of the persons travelling with you, your age, the ages of the persons travelling with you, your e-mail address, your physical address, any relevant information regarding the requested payment method and/or the account holder) as well as any additional data provided on a voluntary basis. We will collect and process these data during the booking process.
In order to be able to conclude a contractual agreement with you, we provide your personal data to your provider of choice and, where applicable, also provide such data to ERGO where a supplemental insurance agreement is to be concluded. We explain below which personal data we collect and use and which personal data we provide to the provider of your choice and/or ERGO.
We, the provider and ERGO, require your name and your address for identification purposes.
We and ERGO require the forenames, surnames and ages of the persons travelling with you in order to ensure insurance coverage for all persons travelling with you.
We require your e-mail address in order to send you the confirmation, invoice and campervan voucher. Your e-mail address will not be disclosed to the provider or ERGO.
We require your telephone number so we can contact you if an urgent need arises, e.g. in the case of an erroneous booking. Your telephone number will not be disclosed to the provider or ERGO.
We require your age in order to verify that you are of appropriate age to make the rental and in order to, as required, indicate to you what alternatives exist for you. We require the ages of the persons travelling with you in order to reconcile the requested occupancy of the campervan with the maximum occupancy of the campervan.
For the payment of the fee for the campervan, we require your payment data, including your credit card data in the case that you wish to pay by credit card. If you select the “non-binding enquiry” option, we will not require your payment data. If you pay by credit card, the data will be forwarded to the credit card company for authorisation purposes. Your payment data will be transmitted in an encrypted fashion to our partner Stripe and handled confidentially. Stripe is one of the leading bank-independent payment service providers in Europe. Your payment data will not be disclosed to the provider or ERGO.
We integrate payment services from third-party companies on our website. If you make a purchase with us with a credit card, your payment data (e.g. name, payment amount, account details, credit card number) will be processed by the payment service provider for the purpose of payment processing. The respective contract and data protection provisions of the respective provider apply to these transactions. The payment service providers are used on the basis of Art. 6 Para. 1 lit.b GDPR (contract processing) as well as in the interest of a smooth, comfortable and secure payment process (Art. 6 para. 1 lit f GDPR). Insofar as your consent is requested for certain actions, Art. 6 Para. 1 lit. a GDPR is the legal basis for data processing; Consents can be revoked at any time for the future.
We use the following payment services / payment service providers on this website:
The provider for customers within the EU is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.
You can read details on this in Stripe's data protection declaration under the following link: https://stripe.com/de/privacy.
Customer care services
In order to be able to offer you the best possible customer service before, during and after the booking, we use the services of Cloud Telephony AWS Connect. The operator is Amazon Web Services Inc, 410 Terry Avenue North, Seattle WA 98109, United States. AWS Connect enables phone contact from or to a customer. If you contact our customer service by phone, call data relating to your request will be saved in AWS. In addition, telephone calls can be recorded or transcribed for quality assurance purposes with your prior consent by telephone. We thereby fulfil our contractual obligations, e.g. within the framework of the guarantee, or we process your data with Zendesk for the traceability and documentation of the processes, for the clarification of questions and for the internal evaluation and improvement of our service, in which we have a legitimate interest in each case. AWS contractually assures us that your personal data will be stored within the EU. However, data can also be transferred to the USA for AWS service and support purposes commissioned by us. We have concluded a contract with AWS on standard data protection clauses in accordance with Art. 46 GDPR. The USA is still a country that does not offer adequate protection for personal data according to EU regulation 2016/679; This means, among other things, that US government agencies could have the ability to gain access to your data without effective remedial action in place. Further information on data protection at AWS can be found at: https://aws.amazon.com/compliance/data-privacy-faq/.
The use of Amazon Connect is based on Art. 6 Para. 1 lit. b or lit.f GDPR. The website operator has a legitimate interest in the most efficient possible customer management and customer communication. If a corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 1 lit. a GDPR; the consent can be withdrawn at any time.
Storage period: The storage period of contractual data is based on the statutory retention periods (6 and 10 years) and for all other data on our legitimate interest and the purpose-related necessity.
The data transfer to third countries outside the European Union is based on the standard contractual clauses of the EU Commission. Details and further information on data protection can be found here: https://aws.amazon.com/compliance/germany-data-protection/.
2.3. Processing Purposes and Legal Basis
We will process your personal data for the following purposes:
2.3.1. Providing this online website and the contractual performance of our General Business Terms and Conditions.
Legal basis: Contractual performance.
2.3.2. Personalisation of offers.
Legal basis: Contractual performance or consent.
2.3.3. Self- and third-party advertising as well as market research and coverage measurement in the legally-permissible scope and/or in a consent-based manner.
Legal basis: Legitimate interest.
Implementation of sweepstakes in accordance with the relevant sweepstake terms and conditions.
Legal basis: Consent or legitimate interests.
2.3.5. Sending an e-mail newsletter.
Legal basis: Legitimate interest.
2.3.6. Sending a newsletter subject to the recipient’s consent via e-mail and/or SMS/MMS.
Legal basis: Contractual performance.
3. Dissemination of Data to Third Parties, Service Providers
3.1. Dissemination of Data to Third Parties
Your personal data will be disclosed to third parties only then insofar as this is required for contractual performance, we or the third party have a legitimate interest in the disclosure or your consent has been granted in this regard.
Moreover, personal data will be passed on to third parties insofar as we should be obliged to do so in accordance with the statutory directives or an enforceable government or court order.
3.1.1. Service Providers
We provide your personal data to our service. The service providers will receive from us only the personal data which they require for their work activities. Thus, for example, your e-mail address may be passed on to a service provider so that this service provider can deliver a newsletter to you that you have ordered. Service providers may also be commissioned to provide server capacities. As a rule, service providers are integrated as so-called contracted data processors who may process the personal data of this website’s users only in accordance with our instructions.
3.1.2. Transfer of Data to Non-EEA Countries
We also pass on personal data to third parties and/or contracted data processors who have their commercial residence in non-EEA countries. In this case, before disclosing, we will ensure that the recipient provides an adequate level of data protection (e.g. based upon an adequacy ruling issued by the EU Commission for the respective country or the agreement on the basis of so-called EU Standard Contractual Clauses of the European Commission with the recipient) and/or your consent upon the part of our users has been provided. For copies of this safeguard, please contact us using the information in the Contact section.
3.2. Duration of the Storage; Retention Timeframes
We will store your data as long as this is required for the supplying of our online offers and related services and/or we have a legitimate interest in the continued storage. In all other cases, we will delete your personal data with the exception of such data which we must continue to retain (e.g. invoices) in order to fulfil statutory (e.g. tax law or commercial law) retention timeframes.
4. Log Files
During each usage of the Internet, your Internet browser will automatically transmits specific information which we will store in so-called log files.
The log files are stored by us in order to identify disruptions and for security reasons (e.g. for the clarification of attack attempts) for a maximum of 60 days and then deleted. Log files for which continued retention is required for documentation purposes will be excluded from deletion until the respective event has been definitively clarified and may be passed on in the individual case to the government investigative agencies.
In particular, the following information is stored in the log files:
IP address (Internet protocol address) of the device from which the online website is accessed;
Internet address of the website from which the online website was accessed (so-called origin or referrer URL);
Name of the service provider via which the access is made to the online website;
Name of the retrieved files and/or information;
Date and time of day as well as the length of the retrieval;
Transferred data quantity;
Operating system and information regarding the Internet browser being used;
HTTP status code (e.g. “query successful” or “requested file not found”).
5.1. What are cookies?
Cookies are small text files which are sent during the visit to an Internet site and stored in the user’s browser. If the corresponding Internet site is visited once again, the user’s browser will send the content of the cookies back and thus enable an identification of the user. Certain cookies are automatically deleted after the browser session ends (so-called session cookies); others are stored for a prescribed timeframe and/or permanently in the user’s browser and then independently deleted (so-called temporary or permanent cookies).
5.2. What data is stored in the cookies?
No names, address or e-mail address are stored in the cookies, but rather only an online identifier.
5.3. How can you control the cookies?
You can, via your browser’s settings, deactivate the storage of cookies and also delete any cookies at any time that have already been stored in your browser (see the Technical Notes section below). However, please keep in mind that without cookies, this website may not function or only function to a limited extent.
Moreover, please keep in mind that objections to the creation of user profiles may function only partially via a so-called “opt-out cookie”. If you should delete all cookies, such an objection will thus no longer be valid and must be lodged once again by you.
Cancel all cookies: Opt-Out
(The cookies that are strictly necessary, as mentioned in 5.4.1 below, are exempted)
5.4. Which cookies do we use?
5.4.1. Strictly necessary cookies
Certain cookies are required so that we can securely provide our online website. These categories include, for example:
Cookies which serve to identify and/or authenticate our users. Thus, we can recognise whether you have already visited our website. The validity of these cookies is a maximum of 2 years. After this timeframe lapses, the cookie is automatically deleted.
Cookies which store specific user entries temporarily for the respective booking process. They serve to identify the pages that you have visited during an individual session. Thus, it makes it possible to recognise and store the data required for the booking as being your data until the booking has been completed. The data will be automatically deleted as soon as you close your browser.
Cookies which store specific user preferences (e.g. search or language settings).
We use analysis cookies in order to be able to record the user behaviour (e.g. advertising banners clicked, sub-pages visited, search queries made) and to evaluate them in statistical form.
5.4.3. Advertising Cookies
5.4.4. Third-Party Advertising Cookies
We also permit other companies to collect our users’ data via advertising cookies. This enables us and third parties to display Interest-Based Advertising to the users of our online website which is based upon an analysis of their usage behaviour (e.g. advertising banners clicked, sub-pages visited, search queries made) overall and is not restricted to our online website.
5.4.5. Tracking Cookies in Conjunction with Social Plug-Ins
The integration of Social Plug-Ins frequently results in the providers of the plug-ins storing cookies.
5.5. Technical Notes
Internet Explorer: Instructions at https://support.microsoft.com/en-us/hub/4230784/internet-explorer-help#ie=ie-11-win-7
Mozilla Firefox: Instructions at https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Google Chrome: Instructions at https://support.google.com/chrome/answer/95647
Safari: Instructions at https://help.apple.com/safari/mac/8.0/?lang=en#/sfri11471
6. Web Analysis
We use statistical information about the usage of our online website in order to be able to design it to be user-friendlier, to undertake coverage measurements and to conduct market research.
For this purpose, we use the following web analysis tools. The user profiles created by the tools via Analysis-Cookies or by evaluating the Log Files are not commingled with personal data.
The providers of the tools process data only as contracted data processors in accordance with our instructions and not for their own purposes.
The tools either do not use the users’ IP addresses at all or shorten them immediately after collection is made.
For each tool, you will find information about the respective provider and regarding how you can object to the collection and processing of data by the tool.
In the case of tools which work with opt-out cookies, it must be kept in mind that the opt-out functions are device- and/or browser-specific and in principle valid only for the device and/or browser being used precisely at that time. If you use multiple devices and/or browsers, you must select the opt-out setting on each individual device and on each individual browser being used.
Moreover, you can also prevent the creation of user profiles overall by generally deactivating the usage of cookies.
6.1. Google Analytics
Google Analytics is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use Google Analytics with the supplemental function offered by Google in order to anonymise the IP addresses: In this regard, as a rule, the IP address has already been shortened by Google within the EU and only in exceptional cases is it then shortened in the USA and in any case stored only in shortened form.
You can object to the collection and/or evaluation of your data by this tool by downloading and installing the browser plug-in that is available by clicking on the following link: Browser Add-On for the Deactivation of Google Analytics.
Mouseflow is provided by Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. Visits are randomly selected and recorded exclusively with an anonymised (shortened) IP address. No processing of personal data is conducted.
You can object to the collection and/or evaluation of your data by this tool by utilising the opt-out option by clicking on the following link: https://mouseflow.com/opt-out/.
We collect information about and evaluate user behaviour for the purposes of Interest-Based Advertising (also by third parties).
On this website, we present our users with advertising and/or special offers customised to their interests and limit the frequency that certain advertising is displayed. For this purpose, we use the tools that are described below.
The user profiles created by the tools via Advertising Cookies and/or Third-Party Advertising Cookies, so-called web beacons (invisible graphics which are also called pixels or tracking pixels) or comparable technologies will not be commingled with other personal data. The tools either do not process the users’ IP addresses at all or shorten them immediately after collection is made.
The respective provider will be a controller in relation to the processing of the data in relation to the tool unless we have stated something to the contrary. The providers of the tools may also possibly disseminate information to third parties for the aforementioned purposes.
For each tool, you can find information on the provider and how you can object to the collection of data via this tool below. Please keep in mind that you will not deactivate the advertising through your objection. Your objection will result only in you no longer being shown Interest-Based Advertising supported by your user behaviour.
In the case of tools which work with opt-out cookies, it must be kept in mind that the opt-out function is device- and/or browser-specific and is in principle valid only for the device and/or browser being used precisely at that time. If you use multiple devices and/or browsers, you must select the opt-out setting on each individual device and on each individual browser being used.
Moreover, you can also prevent the creation of user profiles overall by generally deactivating the usage of cookies.
Additional information on Interest-Based Advertising is available on the youronlinechoices.com consumer portal. Moreover, by clicking on the link below to this portal, you can also view the status of the activation with regards to the tools from various providers and object to the collection and/or evaluation of your data via these tools: aboutcookies.org.
A central objection option for various tools is also available by clicking on the following link:
7.1. Google Tag Manager
Google Tag Manager is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Through this service, website tags can be managed via one interface. Tags are small code elements on this website which, among others, serve the purposes of measuring traffic and visitor behaviour, recording the effectiveness of online advertising and social channels, utilising remarketing and the adaptation to target groups as well as testing and optimizing our website. In this regard, no cookies are used and likewise no personal data are collected.
You can find more information on Google Tag Manager at:
7.2. Google AdSense, Google Adsense Asynchronous
The provider of Google AdSense is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
You can object to the collection and/or evaluation of your data via this tool by following these user instructions issued by Google: https://support.google.com/ads/answer/7395996.
7.3. Google Ads Measurement
The provider of Google Ads Measurement is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google Ads Measurement stores and processes information about your user behaviour on our Internet site. For this Google Ads Measurement uses, among others, cookies – i.e. small text files – which are stored locally in the cache memory of your web browser on your device and which enable an analysis of your usage of our Internet site.
We use Google Ads Measurement for marketing and optimisation purposes – particularly in order to be able to analyse the usage of our Internet site and to be able to continuously improve individual functions and offerings as well as the user experience. Through the statistical evaluation of the user behaviour, we can improve our website and design it to be more interesting for you as the user. Herein also lies our legitimate interest in the processing of the aforementioned information.
You can prevent the installation of cookies by deleting the existing cookies and deactivating the storage of cookies via the settings in your web browser. However, we wish to point out that, in this case, you may possibly not be able to comprehensively use all functions of our Internet site. You can also prevent the collection of the aforementioned information by Google by placing an opt-out cookie on the following linked webpage: https://adssettings.google.com/.
7.4. Google AdWords, User Lists, Conversion-Tracking
The provider of Google AdWords is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
In order to make people aware of our services, we activate Google Adwords ads and, in so doing, utilise Google conversion tracking for the purpose of personalised, interest- and location-based online advertising. The option of anonymising the IP addresses is regulated by Google Tag Manager via an internal setting which is not visible in the source for this webpage. This internal setting is set in such a manner that the anonymisation of the IP addresses is attained which is required by the German Data Protection Act.
The ads are displayed after search queries are made on the websites of the Google Advertising Network. We have the option of combining our ads with certain search terms. Via cookies, we can activate ads based upon the prior visits of a user to our website.
When clicking on an ad, a cookie is placed on the user’s computer by Google. You can also find more extensive information about the cookie technology that is utilised in Google’s comments on the Website Statistics and in the Data Protection Guidelines.
Via this technology, Google and we, as the customer, receive the notification that a user has clicked on an ad and was guided to our webpages. The information obtained in this regard is used exclusively for a statistical evaluation for the purpose of ad optimisation. We receive no information which could be used to personally identify visitors. The statistics provided to us by Google include the total number of users who have clicked on one of our ads and, where applicable, whether they were guided to our website via one of our website’s pages which is marked with a conversion tag. Based upon these statistics, we can determine which search terms resulted more often in a click on our ad and which ads led to the user initiating contact via the Contact form.
If you would not like this, you can prevent the storage of the cookies required for these technologies, e.g. via the settings on your browser. In this case, your visit will not be included in the user statistics.
In addition, you also have the option of selecting the types of Google ads and/or deactivating interest-based ads on Google via the Ads Settings. Alternatively, you can deactivate the usage of cookies by third-party providers by utilising the Deactivation Help in the network advertising initiative.
However, we and Google will continue to receive the statistical information regarding how many users have visited this website and when. If you would also not like to be included in these statistics, you can prevent this via supplemental programmes for your browser (e.g. with the Ghostery add-on).
You can find additional information on this tool here: https://support.google.com/adwords#topic=3119071.
If you would not like to receive any personalised Google Adwords advertising from us on other websites, you can deactivate this via Google Ads’ deactivation page: https://support.google.com/ads/answer/2662922.
7.5. Google Analytics Audiences
Google Analytics Audiences is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use Google Analytics Audiences in order to show ads activated within the parameters of the advertising services of Google and its partners only to such users who have also shown an interest in our online website or have certain characteristics (e.g. interest in certain themes or products which are determined based upon the websites visited) which we transmit to Google (so-called “remarketing audiences” and/or “Google Analytics audiences”). By using the remarketing audiences, we would also like to ensure that our ads correspond to the potential interest of the users and do not irritate the users.
You can find additional information on the data usage by Google, settings and objection options on Google’s websites:
https://policies.google.com/technologies/partner-sites (“Data Usage by Google during Your Usage of Websites o Apps of Our Partners”), https://policies.google.com/technologies/ads („Data Usage for Advertising Purposes“), https://adssettings.google.com/ („Managing Information which Google Uses in Order to Display Advertising to You“).
7.6. Google Dynamic Remarketing
The provider of Google Dynamic Remarketing is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
You can find additional information regarding this tool here: https://support.google.com/adwords#topic=3119071.
You can object to the collection and/or evaluation of your data via this tool by following these user instructions issued by Google: https://support.google.com/ads/answer/7395996.
7.7. Double Click (Google)
The provider of Doubleclick is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
You can find additional information on this tool here: https://policies.google.com/technologies/ads?hl=en.
You can object to the collection and/or evaluation of your data via this tool by following these user instructions issued by Google: https://support.google.com/ads/answer/7395996.
7.8. Bing Ads Universal Event Tracking (UET)
You can object to the collection and/or the evaluation of your data via this tool by following the user instructions issued by Microsoft as well as downloading and storing the opt-out cookie available by clicking on the following link: https://account.microsoft.com/privacy/ad-settings/.
The provider of Criteo is the Criteo SA Company, 32 Rue Blance, 75009 Paris, France.
On our webpages and our online websites, Criteo’s technology is used in order to collect information regarding the surfing behaviour of website visitors for marketing purposes in purely anonymised form and cookies are used for this. Criteo can analyse surfing behaviour and then indicate targeted product recommendations as a suitable advertising banner if other webpages are visited. On no account can the anonymised data be used in order to personally identify the visitors to the website. The data collected by Criteo is used merely in order to improve the website. On the bottom right of each displayed banner there is a small “i” (for information) which opens during a mouse-over which, if clicked, leads to a page where the systematics are explained and an opt-out is offered. If you click on an opt-out, an opt-out cookie is placed which will prevent the displaying of these banners in the future. No other usage or disclosure to third parties is made. Criteo cooperates with the following platforms:
AdForm; AdGeneration; Admax; AdMeta; AdScale; Adskom; AdStir; AdYouLike; Ameba; Amobee; ANTS; AOL Adtech; Appnexus; BidSwitch; BrightRoll Exchange; Cauly; Cheeta; Facebook; Fluct; FreeWheel; Fyber; Geniee; Google; Improve Digital; Index; InMobi; Inneractive; Inmobi; Ividence; kakao; Ligatus; LinkedIn; Mail.ru; MAX Ads; LiveIntent; MADS; MicroAd; Microsoft; Millennial (aka: One by AOL: Mobile); Mobfox; Mocoplex; MoPub; MSFT Corp; MSFT MAX; NasMedia; Nativo; Nend; Nexage; OpenX; Opera Mediaworks; Orange; Outbrain; Pinterest; Plista; Pubmatic; PulsePoint; Rubicon Project; Sharethrough; Smaato; SMART AdServer, Smart RTB+; SmartClip; Sovrn; SpotX; Stroer; Taboola; Teads; Telaria; TimesInternet; Toast Exchange; Triplelift; Twiago; Twitter; UCFunnel; Xrost; Unruly; Yahoo; Yandex; Yieldlab; Yieldmo; YieldOne; YieldPartners.
You can find additional information on this tool here: https://www.criteo.com/privacy/.
You can object to the collection and/or evaluation of your data via this tool by downloading and storing the opt-out cookie that is available by clicking on the following link: https://www.criteo.com/privacy/.
7.10. Resolution SmartTracking – Affiliate Tracking
For the conversion tracking of Resolution SmartTracking, cookies are set on the end devices of the users referred to our online store.
These cookies serve the sole purpose of correctly assigning the success of an advertising medium and the corresponding billing and success-based remuneration of an affiliate.
Personal data is only processed in pseudonymous form. Only the information about when a particular advertising medium was clicked by the respective end device is placed in the cookies.
In the tracking cookies, an individual sequence of numbers is stored, which cannot be assigned to an individual user, and which documents the advertising company, the affiliate as sales partner and the time of the user's action.
Information about the end device, e.g. the operating system and the calling browser, is also recorded in the process and used to check the mediation activities.
Company processing the data: Resolution Media München GmbH, Theresienhöhe 12, 80339 Munich, Germany.
Data processing purposes: conversion tracking to measure the success of advertising campaigns.
iframe on order confirmation page
Data collected: this list includes all data collected by or through the use of this service.
Orders in the webshop
Browser information (UserAgent)
Touchpoint to the advertising medium
Time of the ad clickReferer URL
Shopping cart content
The use of “Resolution SmartTracking” is based on Art. 6 lt. GDPR. The operator of the website has a legitimate interest, since only through the transmission of the affiliate ID, the affiliate remuneration can be settled.
Unsubscribing can be done via the following link: https://www.nonstoppartner.net/#optout
7.11. New Relic
The provider of New Relic is the New Relic Inc. Company, 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA.
On our website, we use a plug-in from New Relic’s web analysis service. This plug-in enables statistical evaluations of the website’s speed. Through the integration of the plug-in, New Relic receives the notification that a user has visited a corresponding page of the website. If a user visits a webpage of this website which contains such a plug-in, his browser will create a direct connection to New Relic’s servers. No personal data will be collected by New Relic. Your IP address – which is required for the communication with New Relic’s servers – will not be stored, used or transferred beyond the duration of your visit to our website.
If the user is also a user of New Relic’s services and is logged-in, New Relic can categorise the visit to their account at New Relic.
If you are a member of New Relic and would not like for New Relic to collect data about you on these webpages in order to associate you with your member data stored by New Relic, you must first log out before visiting these webpages at New Relic.
New Relic’s purpose and scope of the data collection and the continued processing and usage of the data by New Relic as well as the related rights and setting options for protecting the users’ privacy can be reviewed in New Relic’s Data Protection Guidelines at: https://newrelic.com/privacy.
You can object to the collection and/or evaluation of your data via this tool by utilising the opt-out option that is available by clicking on the following link: https://newrelic.com/termsandconditions/cookie-policy.
The provider of KAYAK is the KAYAK Europe GmbH Company, Fraumünsterstrasse 16, 8001 Zurich, Switzerland.
KAYAK operates a travel metasearch which links out to commercial operators of websites. The aforementioned advertising is usually compensated via a sale or click commission. KAYAK tracks the conversion using an anonymous tracking pixel. Tracking serves the purpose of a correct categorisation of the success of an advertising method and the corresponding billing to the partner, as well as the creation of reports.
The collection and storage of the data is based on Art. 6 para. 1 sec. 1 lit. a GDPR.
The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as they are no longer needed for the specified processing purposes.
The pixel remains on the partner's website for the duration of the agreement. The cookies used are deleted after a period of 30 days.
8. Our social media presence
Data processing through social networks
Responsible persons and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we and the operator of the social media platform are responsible for the data processing operations triggered during this visit. You can assert your rights (information, correction, deletion, limitation of processing, data portability and complaint) both to us and to the operator of the relevant social media portal (for example Facebook).Please note that, despite our joint responsibility with the social media portal operators, we do not have full control over the data processing operations of the social media portals. Our options depend to a large extent on the corporate policy of the relevant provider.
The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.
8.1. Social networks in detail
We have a profile on Instagram. Instagram is provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://www.facebook.com/help/566994660333381.
Linkin.bio for Instagram
We use Linkin.bio for Instagram from the provider Later, 88 E Pender Street, # 500, Vancouver, British Columbia, Canada.
The Instagram feed is loaded by the company Later with Linkin.bio or transmitted via Linkin.bio. The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our online services in accordance with Art. 6 Para. 1 lit. f GDPR. Linkin.bio for Instagram from Later processes IP addresses and device information to enable Instagram feed displays and to determine statistical data, such as access numbers. This data is anonymised or pseudonymised for Instagram before it is stored in the Later.com Linkin.bio database, unless it is required for the provision of the Instagram posts.
9. Facebook Pixel and Website Custom Audience
We present users with advertising and/or special offers which are customised to their interests (“Interest-Based Advertising”) and limit the frequency of certain advertising. For these purposes, we utilise the Website Custom Audiences tool from Facebook as well as the Facebook pixel.
The Facebook pixel encompasses a Java Script code which sends the following data to Facebook Ireland Ltd, Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”):
HTTP header information (including IP address, information on the web browser, website storage location, document, URL of the website and the user agent of the web browser as well as the day and time of day of usage);
Pixel-specific data; this encompasses the Pixel ID and Facebook cookie data including your Facebook ID (this data is used in order to associate events with a specific Facebook accounting account and categorise them to a Facebook user);
Supplemental information regarding the visit as well as the standard and user-defined data events. We use the following user-defined data events:
Content that was searched for and viewed at the product level;
Product was placed in the shopping basket;
Initiation of a check-out during the ordering process; as well as
Completion of the ordering process.
By using the hashed user-specific Facebook ID (contained in the Facebook cookie), Facebook checks in an automated fashion whether the data transmitted via the Facebook pixel has been categorised to a Facebook user. Insofar as no Facebook cookie has been stored in your browser, categorisation will not be made to one of the user groups referred to as a “custom audience”.
If a categorisation can be made to a Facebook user’s Facebook ID that is contained in the cookie, Facebook will assign to these users a “custom audience” based upon our defined rules insofar as the relevant applicable criteria have been fulfilled. We will use the information received in this manner for the displaying of adverts on Facebook (“Facebook Ads”). However, ads will only then be displayed with a minimum “custom audience” size of 20 different users – so that, when the ads are displayed, no inferences can be drawn regarding the characteristics of the individual users. The categorisation to a “custom audience” is made for a maximum of 180 days. This timeframe will begin to run anew if you visit our website again and the same “custom audience” rules have been fulfilled.
Facebook can categorise your visit to our website and your related activities to your Facebook user account. This is not possible for us. We only receive statistical information regarding the usage of our website via Audience Insights from Facebook.
Facebook disseminates your data to Facebook Inc., Facebook 1 Hacker Way Menlo Park, CA 94025, USA and uses your data in order to improve the quality of its advertising by using, among others, its optimisation algorithm in order to display Facebook Ads as well as improve the News Feed Ranking.
Right to Lodge an Objection:
If you would like to object to the usage of Facebook Website Custom Audiences, please click the button. A so-called opt-out cookie will then be placed which prevents the transmission of data via the Facebook pixel.
This opt-out cookie has in principle an unlimited effective timeframe. However, please keep in mind that the opt-out function is device- and/or browser-specific and in principle valid only for the device and/or browser being used at that precise time. If you use multiple devices and/or multiple browsers, you must select the opt-out setting on each individual device and on each individual browser being used.
10. Facebook Connect
We also offer you the option of an easier registration with Facebook. For this, you can use your existing user account at Facebook. By clicking on the “Log In with Facebook” button, you can utilise this registration option on our portal. In order to do this, it is necessary for you to already be registered with Facebook or have already obtained Facebook access.
If you want to log in with us via your Facebook account, you will be guided during a first step directly to Facebook. There, Facebook will ask you to log in or to register. At no time during this step will we find out your personal access data (user name and password).
During a second step, you will associate your profile at Facebook with the respective service for which you wish to register. You will then also find out which data from your Facebook profile has been transmitted to us. As a rule, they include your “public information” on Facebook and information which you publicly disclose or approve for the respective usage. As a rule, they include your name and your user ID (Facebook ID). In order to be able to contact you independently of Facebook, we also use your e-mail address stored at Facebook. You can receive an overview of which information is public in your profile via the settings menu of your Facebook profile (https://www.facebook.com/settings?tab=applications).
Facebook is certified in accordance with the Privacy Shield programme and thus offers a guarantee to follow European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC).
The legal basis for the data collection and data storage is your consent. If you would like to cancel the connection of Facebook Connect to our service, please log into Facebook and make the required changes to your profile’s settings. We will then no longer have the authorisation to use data from your Facebook profile.
11. Gravatar (Retrieval of Profile Photos)
In our blog, we use the Gravatar service from Automattic, Inc. 132 Hawthorne Street San Francisco, CA 94107, USA.
Gravatar is a service where users can register and store profile photos and their e-mail addresses. Whenever users leave contributions or comments with their respective e-mail address on other websites (above all in blogs), their profile photos can thus be displayed besides their contributions or their comments. In this regard, the e-mail address provided by the user is transmitted in encrypted form to Gravatar in order to check whether a profile has been stored for them. This is the sole purpose for the transmission of the e-mail address and it is not used for any other purposes, but rather is subsequently deleted.
The usage of Gravatar is done upon the basis of our legitimate interests because we, by using Gravatar, can offer the option to the authors of contributions and comments to personalise their contributions with a profile photo.
Automattic is certified in accordance with the Privacy Shield programme and thus offers a guarantee to follow European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC).
By displaying the photos, Gravatar finds out the users’ IP address because this is necessary for communication between a browser and an online service. You can find detailed information regarding the collection and usage of data by Gravatar in Automattic’s Data Protection Guidelines: https://automattic.com/privacy/.
If users prefer that their user photo does not appear with the comments where the user photo is linked to their e-mail address stored by Gravatar, they should use an e-mail address for commenting which is not stored at Gravatar. Moreover, we wish to point out that it is also possible to use an anonymous e-mail address or even no e-mail address at all if the users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transmission of data by not using our comment system.
12. Social Plug-Ins
This online website uses social plug-ins (“Plug-Ins”) from the following provider:
12.1. Social Plug-Ins from Facebook
Plug-Ins from the social network Facebook; Facebook is operated on www.facebook.com by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and at www.facebook.de by Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (“Facebook”). You can find an overview of the Plug-Ins from Facebook and their visual appearance here.
You can find information regarding data protection at Facebook here.
12.2. AddThis Plug-In (e.g. “Share” Button)
On our website, (“Plug-Ins”) from the AddThis bookmarking service are used which is operated by AddThis LLC, Inc 8000 Westpark Drive, Suite 625, McLean, VA 2210, USA (“AddThis”). The Plug-Ins are generally labelled with an AddThis logo, e.g. in the form of a white plus sign on an orange-coloured background. You can find an overview of the AddThis Plug-Ins and their visual appearance here: https://www.addthis.com/get/sharing.
Whenever you visit a webpage of our website which contains such a plug-in, your browser will create a direct connection to AddThis’ servers. The content of the Plug-In is transmitted by AddThis directly to your browser and integrated into the webpage. Through the integration, AddThis receives the notification that your browser has visited the corresponding page of our website and stores a cookie on your device in order to identify your browser. This information (including your IP address) is transmitted by your browser directly to an AddThis server in the USA and stored there. AddThis uses the data in order to create anonymised user profiles which serve as the basis for a personalised and interest-based advertising appeal to the visitors of the Internet sites with AddThis Plug-Ins.
In order to read about the purpose and scope of the data collection and the continued processing and usage of the data by AddThis, please review AddThis’s Data Protection Guidelines: https://www.addthis.com/privacy/privacy-policy.
If you would like to object to data collection by AddThis for the future, you can place a so-called opt-out cookie which you can download by clicking on the following link: https://www.addthis.com/privacy/opt-out.
12.3. Social Plug-Ins
The various providers of Plug-Ins are collectively referred to below as “Plug-In Providers”.
The Plug-Ins are integrated into the website via the so-called “Shariff Solution”. This ensures that during a visit to a webpage within this website no connection is created to the servers of the respective Plug-In Provider.
Only then if you activate the Plug-Ins will your Internet browser create a direct connection to the servers of the respective Plug-In Provider. In so doing, the Plug-In Provider receives a notification that your Internet browser has visited the corresponding webpage of our online website even if you do not have a user account with the provider or are not logged in at that time. Log files (including the IP address) are transmitted by your Internet browser directly to a server of the respective Plug-In Provider and, where necessary, stored there. This server may be located outside of the EU and/or the EEA (e.g. in the U.S.A.).
The Plug-Ins constitute independent extensions from the Plug-In Providers. Therefore, we have no influence over the scope of the data collected and stored by the Plug-In Providers via the Plug-Ins.
If you would prefer that the Plug-In Providers do not receive the data collected via this online website and, where applicable, to store and/or continue to use them, you should not use the relevant Plug-Ins.
You can in principle also prevent the downloading of the Plug-Ins entirely via add-ons for your browser called “script blockers”.
You can find additional information regarding the purpose and the scope of the collection as well as the continued processing and usage of your data by the Plug-In Providers as well as your rights and setting options for the protection of your data in the respective provider’s Data Protection Guidelines.
13. Customer Ratings
For the purpose of provider and product ratings, after completing a booking, with your consent where necessary, you will receive from us an informational message for quality assurance purposes that will be sent to your e-mail address so that you can rate our service. Your feedback about the provider is important to us so that we know whether you were satisfied with the provider whom you selected. However, we also want the provider to know if there is cause for criticism and whether this should necessitate a change in service. Thus, we sometimes pass on feedback in anonymised form to the providers. In order to safeguard your personal data, we never pass on personal data (such as your name or a booking number), but rather only pass on the star rating which you awarded. You can also rate our service directly via independent rating portals. When providing a star rating, you are welcome to provide your e-mail address through which we can contact you at a later date with regards to your rating. In this manner we can, for example, individually address your complaints, answer your questions or provide other assistance.
We use the Trustpilot A/S rating platform, Pilestræde 58, DK-1112 Copenhagen, Denmark (https://uk.trustpilot.com). Trustpilot is a controller with regards to the data provided by the customers on Trustpilot’s website. The rating is published on Trustpilot’s website and can also be depicted in so-called widgets on our website. You can review additional details in the Data Protection Guidelines (https://uk.legal.trustpilot.com/end-user-privacy-terms) of Trustpilot and its General Business Terms and Conditions (https://uk.legal.trustpilot.com/end-user-terms-and-conditions).
Mapbox is operated by MapBox Inc, 740 15th St Nw Suite 500 Washington, DC 20005 United States of America.
Mapbox is a service for displaying maps and is necessary to show you the offers available in a city's vicinity. In doing so, Mapbox uses technologies such as cookies and APIs. The following identifiers are processed: (a) IP address, (b) device and browser information, (c) operating system, (d) the content of the request, (e) the date and time of the request or (f) limited usage data, could be collected by Mapbox. This information is usually transferred to a server of Mapbox in the USA and stored there.
The data processing is based on Sec. 6 (1) sentence 1 lit. a GDPR, because the use of Mapbox ensures an appealing presentation of the online offer and makes it possible to find the places and offers indicated on our website.
15. Google Maps
Google Maps is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Our station-finder application is used on the website.
By using Google Maps, information regarding your usage of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will transmit the information obtained via the maps to third parties as and when required insofar as this is prescribed by law or insofar as third parties process this data by Google’s mandate. At no time will Google merge your IP address with other Google data. However, it cannot be ruled out that Google could make an identification of at least individual users based upon the data that has been received. Thus, it is entirely possible that personal data and personality profiles of the website’s users could be processed by Google for other purposes over which we have – and can have – no control. You have the option of deactivating the Google Maps’ service and thus preventing the data transfer to Google by deactivating Java Script on your browser. However we wish to point out that, in this case, you may not be able to use the map display function on our webpages.
Mailjet is provided by Mailgun Technologies, Inc., 112 E Pecan St #1135, San Antonio, TX 78205.
We use Mailjet to send all the transactional emails associated with the placement of a booking and to inform our customers about the status of their booking, and all the necessary contractual information related to it. When sending transactional emails, some customer data is stored by Mailjet, like email address, name, phone number, or other contact details associated with the formalization of the booking.
This information is automatically deleted after 7 days. The use of Mailjet is in the interest of keeping our customers well informed and making it possible to formalize a booking. This represents a legitimate interest in the context of Art. 6 para. 1 lit. f GDPR.
17.1. Affected Persons’ Rights
In order to exercise your rights, please contact us using our details in the Contact section below. In so doing, please ensure that it is possible for us to clearly identify you.
You have a right to information as well as, subject to certain requirements, of correction, deletion, restriction of the processing and/or to lodge an objection against the processing of your personal data as well as (as of 25/05/2018) a right to data portability.
Moreover, you can lodge an objection at any time against the processing of your personal data in some circumstances (in particular, where we do not have to process the data to meet a contractual or other legal requirement and in relation to processing for direct marketing purposes). Please keep in mind that, owing to organisational reasons, there may be an overlap timeframe between your objection in relation to direct marketing and the usage of your data during a marketing campaign that is already on-going.
These rights may be limited, for example if fulfilling your request would unfairly reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep.
Where we have sought your consent to conduct the processing of your personal data, you may revoke this consent at any time. If you ask to withdraw your consent to our processing of your personal data, this will not affect any processing which has already taken place at that time.
17.2. Right to Lodge a Complaint to the Government Supervisory Agency
You have the right to lodge a complaint with the data protection supervisory authorities in the country where you live or work, or where you consider a breach of data protection law has occurred.
You can contact our Data Protection Officer at the following e-mail address: email@example.com.
If you would like to contact us, you can use the following information: