Data Privacy Statement

Status: October 2023

1. GENERAL INFORMATION

Koblenz-Touristik appreciates your visit to our website and your interest in our offers, products and services. The protection of your personal data (hereinafter: "data") during use is an important concern for us and we want you to feel comfortable and secure when visiting our website. Compliance with the statutory data protection regulations is a matter of course for us.

In principle, it is possible to use our website without having to provide your data. Below we explain whether and what information we collect and use on our websites during your visit.

This privacy policy applies to the website http://www.koblenzer-weihnachtsmarkt.de.

2. IDENTITY OF THE CONTROLLER

The controller responsible for data processing within the meaning of Art. 4 No. 7 GDPR (EU General Data Protection Regulation) is

Koblenz-Touristik GmbH

Bahnhofplatz 7

56068 Koblenz

can be contacted by phone: 0261 30388-0, fax: 0261 30388-11, e-mail info@koblenz-touristik.de

3. DATA PROTECTION OFFICER

Koblenz-Touristik has effectively appointed a data protection officer at

3rd Mind Business Consulting GmbH

Langer Weg 60

65760 Eschborn

If you have any questions about data protection, please contact Mr. Frank Giebel at DSB-Service@3rd-mind.de

Please note that if you contact us by standard e-mail, the confidentiality of the information transmitted cannot be guaranteed due to the (technical) nature of e-mail transmission. We therefore recommend that you send confidential information by post.

4. PERSONAL DATA

This is any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person (human being) is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This basically means all direct or indirect information that leads to your identity. This includes, for example, information such as name, address, telephone number, e-mail address, account data, credit/debit card data, but also fingerprints, photos, etc.

5. PROCESSING PURPOSES AND LEGAL BASES

If you provide us with your data, its use by us is regularly based on the contract concluded with you or pre-contractual negotiations on the basis of Art. 6 (1) lit. b GDPR or on your voluntary consent in accordance with Art. 6 (1) lit. a GDPR, e.g. to process your inquiries, use our web forms or similar.

Furthermore, as a public body, we may process data on the basis of Art. 6 (1) lit. e GDPR in conjunction with Section 3 LDSG RP (Rhineland-Palatinate State Data Protection Act) if this is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Web forms:

If we use web forms, your consent is required for the transmission and processing of the information provided therein. You can access the consent text directly under the respective form.

Your request will then be transmitted to our systems and stored for the purpose of executing a contract or an information request until the process is completed and / or for the duration of the business relationship. Data will only be stored for longer if there are statutory retention obligations (e.g. under tax law).

The data you enter there yourself are regularly

§Your first name and surname(for identification, reservation, registration, etc.)

§ Your postal address (for sending requested information by post)

§ Your e-mail address (for electronic contact / reservation / registration or sending of information)

§ Your desired booking period, if applicable with details of the number of people, program requests, etc. (for coordination and preparation of offers)

  • Your request itself (free text)

The specific processing purposes, options for revocation/objection and other (also participation) conditions are specified in the texts under the respective forms. Please note this information before submitting your data from the respective forms.

Automatically collected data when you visit our websites:

In log files ("server log files"), via search engines and/or forms, data is automatically collected when you use our websites, which your web browser / provider automatically transmits to our provider. When you visit our websites, our web servers temporarily store the following as standard

  • the web pages you visit on our website as well as the date, time and duration of your visit
  • the type of browser you are using, its version and the operating system you are using
  • the search engine you may have used
  • the names of any files downloaded
  • the (anonymized) IP address at the time of access
  • the type of device used
  • the website from which you visit us ("referrer URL").

If we evaluate this technical data, this is done anonymously and to ensure a smooth connection to the website, to ensure comfortable use of our website, to evaluate and improve system security and stability and for other administrative purposes on the legal basis of Art. 6 (1) lit. e GDPR i.V.m. § 3 LDSG RLP.

This data is not merged with other data sources. However, we reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

E-mail newsletter:

If we offer a newsletter service on our website and you register for this, we require your e-mail address for delivery. You can provide further information on a voluntary basis. By submitting your data entered in the newsletter registration form, you agree that we may process it exclusively for the purpose of sending our newsletter to your specified e-mail address and documenting your consent. Your data will not be passed on to third parties. The processing is based on Art. 6 (1) lit. a GDPR. You will first receive an automated email containing a link that you should click on to activate your subscription to the newsletter. In this way, we prevent misuse of the email address you have provided and can ensure that you have actually registered yourself. We will not send you any newsletters without completing this so-called "double opt-in procedure".

You can revoke your consent at any time with effect for the future: either via the unsubscribe link in the newsletter or via the unsubscribe form.

Competitions:

If we offer online competitions via our website, data may be collected on the basis of voluntary participation in accordance with Art. Art. 6 (1) lit. a GDPR data of the participants may be processed for the duration of the competition and the sending of the prizes. After the end of the competitions, the data of the winners will be stored in accordance with the tax regulations, the data of the non-winners will be deleted.

Use of a destination management system

We use the "feratel Deskline" destination management system from feratel media technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Austria(www.feratel.at) on our website to facilitate your online direct bookings of, for example, accommodation services and other travel services. As part of this destination management system, feratel media technologies AG processes the data as a processor for us and the tourism institutions and bases located in the federal state of Rhineland-Palatinate. The information and provisions on data protection of the feratel Deskline destination management system can be found in the data protection declaration of feratel media technologies AG, which you can view via the link in the booking portal or directly at http://www.feratel.at/rechtliche-hinweise.

This booking module sets a mandatory technical cookie to ensure proper technical functionality. Further information on cookies can be found further down in this document.

Other purposes:

Data may also be processed on the basis of Art. 6 (1) lit. e GDPR i.V.m. § 3 LDSG RLP for the establishment, assertion or defense of legal claims in these contexts.

6. RECIPIENTS OR CATEGORIES OF RECIPIENTS

We host our websites exclusively in data centers in Germany or in the EU.

Your data will not be passed on, sold or otherwise transferred to third parties unless this is necessary for the purpose of processing a contract or providing a service or you have expressly consented to this.

Otherwise, data is processed on our behalf on the basis of Art. 28 GDPR (order processing), e.g. for external services for the operation of our IT infrastructure.

In addition, data processing and its transmission to state institutions and authorities entitled to receive information is only carried out within the framework of the relevant laws or if we are obliged to do so by a court decision (see Art. 6 (1) lit. c GDPR).

7. AUTOMATED DECISION-MAKING / PROFILING

Automated decision-making / profiling or scoring within the meaning of Art. 22 GDPR does not take place.

8. CRITERIA FOR STORAGE DURATION AND DELETION

The storage period of your data depends on the processing purposes (see above) or the statutory retention / limitation and deletion periods. As a rule, it is stored for the duration of the business relationship with us. Longer (access-protected) storage only takes place in accordance with the relevant statutory retention obligations (e.g. for accounting and tax purposes) or for the exercise / defense of legal claims.

If your data is no longer required for the aforementioned purposes, including statutory retention obligations, it will be deleted within the statutory periods.

For technical reasons, data may be duplicated in backup files and mirror copies. Such copies may also only be deleted with a time delay for technical reasons.

9. COOKIES

A cookie is a small data package in the form of a text file that is transmitted from your device to your browser when you visit a website and stored on your computer. Cookies do not regularly cause any damage to your computer, nor do they contain viruses or personal data. Cookies are primarily used to ensure basic technical functions of the website, such as navigation or shopping cart and booking functions, as well as to store user information during or after visiting a website. This includes, for example, language settings for multilingual websites, a login status or the point up to which a video was viewed so that it can be played at the same point on the next visit. This may also include related technologies with the same function, which store pseudonymized user data in so-called "user IDs", for example.

Some cookies, especially from third-party providers, transfer their content and other information about visitors to the respective locations, including to third countries, which is why your consent is required.

This website uses the following cookies:

  • Strictly necessary or "essential" cookies are absolutely necessary for the proper technical operation of a website or for reasons of information security. These cannot be "deselected" to ensure the functionality of this website (e.g. for booking functions via DESKLINE (see above), to store your cookie preferences)

§ Statistical and third-party cookies: No personal data is analyzed for the use of MATOMO, nor is it transferred to third countries. However, third-party cookies (e.g. for GoogleMaps) require your consent. You give this consent either via a manual "double-click" solution directly on the element or via our cookie consent box (CCB).

  • Cookies for external media: Your consent is required for the integration and display of YouTube videos, for example, because this would regularly require data to be transferred to third countries. Content from video and social media platforms is blocked by default. You give your consent either via a manual "double-click" solution or via our cookie consent box (CCB).

Legal basis for the use of cookies

In principle, we do not process any personal data with the help of cookies, unless this would be necessary for a function of this website for the fulfillment of a contract with you, e.g. for bookings (see Art. 6 (1) lit. b or 49 (1) lit. b GDPR) or on the basis of your consent (see Art. 6 (1) lit. a or 49 (1) lit. a GDPR). In any other cases, we process purely technical data without personal reference on the basis of Art. 6 (1) lit. e GDPR in conjunction with Art. 3 LDSG RP. § 3 LDSG RP for a properly functioning website, an economical and secure operation of the same and the optimization of our online offer.

Effective submission and revocation of consent to cookies

Before setting cookies on the legal basis of consent, we ask you to give your consent directly for this function by actively clicking on it or via our "cookie consent box". You can revoke this consent at any time with effect for the future by closing the browser or via the CCB. If this is not the case, only the technically absolutely necessary cookies are set, the use of which is based on our interest and the interest of the users in the expected security and functionality of our website.

Basic settings via your browser

Irrespective of the respective legal basis for the setting of cookies (see above) and the technology used (cookie banner, cookie box), you can define the basic management of cookies via the browser you use; these then apply regularly to all websites, in that your browser

  • Informs you in principle about the setting of cookies,
  • Allowing cookies only in individual cases, excluding cookies for certain cases or in general, or
  • Automatically deleting cookies from your computer when you close your browser.

To do this, please follow the instructions in your browser manual.

Cookie block from online services (regularly not secure)

You can also object to the use of cookies for online marketing purposes by third-party services, in cases of "tracking" via http://optout.aboutads.info (in English) and www.youronlinechoices.com/ (also in German) online.

Cookie management via our cookie consent box (CCB)

You can give your consent (activation of cookies) and withdraw your consent(de-activation of cookies) elegantly via our "cookie box", which automatically appears on your screen the first time you visit our website. You can access the "cookie box" at any time via the corresponding (moving) symbol on the page. Deactivation is just as easy as activation (consent): by checking or unchecking the corresponding box. Exceptions are, as already mentioned, the technically absolutely necessary ("essential") cookies for the proper and secure functioning of our website (see above)

Please note that deactivating cookies may restrict certain functions of our website.

10. USE OF MATOMO

As part of our Internet service and in order to further improve our website for you and adapt it even more to the needs of users, we use the open source tool "Matomo" for the statistical analysis of website usage (for more information, please visit : https://www.matomo.org/). The information obtained with this tool is not passed on to third parties.

Matomo is configured so that no personal data is processed (e.g. no user IDs, user tracking) and no cookies are set. There is also no "device fingerprinting", i.e. your input device cannot be recognized. Anonymization takes place immediately after the IP address is processed and before it is stored on our web server. This is done by shortening the IP address by the last octet in accordance with the resolutions of the data protection conference of the data protection supervisory authorities of the federal and state governments (DSK). This means that you as the user always remain anonymous.

The anonymous statistical data includes, for example

  • Browser type and version
  • operating system used
  • Device type, model and brand
  • Screen resolution
  • search engine used
  • websites visited on our site, including length of visit
  • search terms and keywords, if applicable
  • Day and time of the visit
  • Location of the visit (continent, country, region, city)
  • Browser language.
  • The number of visitors to each individual website,
  • The internet provider used.

12. USE OF GOOGLE WEB FONTS

This website uses so-called "web fonts" from Google (see above) for the uniform display of fonts. When you call up a page, your browser automatically loads the required fonts into its browser cache. We regularly store these fonts locally on our servers, i.e. no connection needs to be established with the transmission of your IP address to the Google servers.

However, it cannot be completely ruled out that your browser may nevertheless establish a connection to Google servers for these or other purposes, through which Google ultimately becomes aware that our website has been accessed via your IP address.

If your browser does not support web fonts, a standard font will be used by your computer.

You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https: //www.google.com/policies/privacy/.

13. INTEGRATION OF YOUTUBE VIDEOS

We integrate videos from YouTube (belonging to Google, see above) on our websites via corresponding plug-ins in our online offer on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR. This data transfer to a third country is legitimized by an adequacy decision of the EU Commission in conjunction with the EU-US Data Privacy Framework (DPF), the US company is certified accordingly according to the US Department of Commerce, see https://www.dataprivacyframework.gov/s/data-protection-authorities). The videos are or are regularly stored on www.youtube.com and can be played directly from our website. These are primarily integrated in "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the following paragraph be transmitted. We have no influence on this data transfer.

You give your consent through the so-called "double-click" solution, i.e. as long as you do not click on a YouTube video marked accordingly, it will neither be played nor will data be transferred to the YouTube servers. Only when you explicitly click on the video (again) will the streaming service start. A connection to the YouTube servers in the USA is then established and YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube provides a user account that you are logged into or whether no user account exists. If you are logged in to YouTube / Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out of your account before activating the video. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube or Google to exercise this right.

Further information on the purpose and scope of data collection and its processing by YouTube can be found in their privacy policy. There you will also find further information on your rights and setting options to protect your privacy under the current link www.google.de/intl/de/policies/privacy.

14. CHILDREN & ADOLESCENTS

Persons under the age of 18 should only transmit their personal data on the Internet with the consent of their parents or legal guardians. We do not request such information from children and young people, nor do we collect it, let alone pass it on to third parties.

15. TECHNICAL DATA PROTECTION

We have taken technical and organizational security measures to protect your data from loss, destruction, manipulation and unauthorized access and in particular to protect confidentiality, availability and (data) integrity, e.g. by storing it in data centers only in Germany or the EU. All employees and all persons involved in data processing (including contracted service providers) have been obliged by us to maintain confidentiality, to comply with data protection regulations and to handle personal data with care.

To protect security during transmission, we encrypt your data using Secure Socket Layer (SSL) where possible to prevent misuse by third parties.

Our security measures are continuously adapted in line with technological developments.

16. YOUR RIGHTS AS A DATA SUBJECT

As a data subject, authorized or otherwise entitled person, you have the possibility to assert the following rights against us at any time in writing or by e-mail, provided that there are no contractual or legal provisions to the contrary or the processing is necessary for other reasons.

To do so, please use the contact options at the beginning of this document.

Right to information: You can obtain information about your personal data stored by us at any time. Please only submit requests for information in writing (letter) or in text form (e-mail). For data protection reasons and due to a lack of qualified identification options, no information will be provided by telephone.

Right to correction: If we process your personal data directly and you discover incorrect information or a need to update it, you are welcome to inform us of this for correction purposes. in the event of significant changes, please enclose appropriate evidence with your application (e.g. in the event of name changes due to marriage or similar).

Right to erasure: You have the right to request that we erase your personal data at any time. Please note that we are legally obliged to retain certain data in accordance with the statutory retention obligations. We will then inform you of these data categories.

Right to restriction: You can request that we restrict the processing of your personal data at any time.

Right to data portability (data export): As you do not generally provide us with any personal data via our websites, we cannot offer you a classic data export function for this purpose. In any case, we will examine your request in accordance with the legal provisions and technical feasibility and will contact you immediately regarding implementation.

Right of objection / revocation: You can object to the processing of your personal data by us at any time or revoke any consent you have given with effect for the future.

Right to lodge a complaint with the supervisory authorities: You have the right to lodge a complaint with your competent state data protection supervisory authority if you are of the opinion that our processing of personal data concerning you violates the GDPR (General Data Protection Regulation). You can find the address on the website of the Federal Commissioner for Data Protection and Freedom of Information in Berlin (BfDI).

17. RESPONSIBLE DATA PROTECTION SUPERVISORY AUTHORITY

The following supervisory authority is responsible for Koblenz-Touristik GmbH:

The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate

Hintere Bleiche 34

55116 Mainz

18. LINKS TO OTHER WEBSITES

If you use links to external websites that are offered on our website, our data protection information does not extend to these external websites.

At the time the links were created, we were able to satisfy ourselves of the correctness of the linked website(s) in terms of content and security and we check this regularly. However, we have no influence on the continued compliance with data protection and security regulations of other providers or changes to content.

If you click on links to external websites that are displayed on our website, these external websites may collect user data if you click on these links or otherwise follow the instructions of these external websites, especially if you are logged in to other platforms or similar. We have no control over the data that is collected voluntarily or involuntarily via third-party advertisements or websites. Therefore, for your own safety, please also inform yourself on the websites of the other providers about the data protection declarations provided there.

If you become aware of an "unsafe" link from our applications, please inform us immediately so that we can investigate the matter. Thank you very much.

19. CHANGES TO OUR DATA PROTECTION INFORMATION

We reserve the right to change our security and data protection measures accordingly if this becomes necessary due to the legal situation and technical developments. In such cases, we will also adapt this document.

Please therefore note the current version at the beginning of this document.

20. FURTHER INFORMATION

If you require further information that is not provided in this data protection notice or if you require further information on a specific point, please contact our data protection officer directly at DSB-Service@3rd-mind.de.

Last updated: March 2023

Please note: This is an English translation; only the German version of our data privacy policy is legally binding (Please refer to Datenschutz).

1. GENERAL INFORMATION

Koblenz-Touristik appreciates your visit to our website as well as your interest in our offers, products and services. The protection of your personal data (hereinafter: "data") is of utmost importance to us and we want you to feel comfortable and secure when visiting and using our websites. Compliance with the statutory data protection provisions is a matter of course for us.

In principle, it is possible to use our website without providing any of your data. In the following, we explain whether and which information is collected and used on our website during your visit.

This data privacy policy applies to the website http://www.koblenzer-weihnachtsmarkt.de/.

2. IDENTITY OF THE CONTROLLER

The controller for data processing in line with Art. 4 No. 7 GDPR (EU General Data Protection Regulation) is

Koblenz-Touristik GmbH
Bahnhofplatz 7
Koblenz, Germany
56068

reachable via tel.: +49 (0)261-30388-0, fax: +49 (0)261-30388-11, email: info@koblenz-touristik.de.

3. DATA PROTECTION OFFICER

Koblenz-Touristik has effectively appointed a data protection officer at

3rd Mind Business Consulting GmbH
Langer Weg 60
Eschborn, Germany
65760 

For questions regarding data protection, you can reach Mr. Frank Giebel at: DSB-Service@3rd-mind.de

Please note that if you contact us by standard email, the confidentiality of the information transmitted cannot be guaranteed; this is due to the (technical) nature of email transmission. Therefore, we recommend that you send confidential information by post-letter.

4. PERSONAL DATA

This is any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person (human being) is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Basically, this refers to all direct or indirect information that leads to your identity. This includes, for example, details such as name, address, telephone number, email address, bank account details and credit/debit card details as well as fingerprints, photographs, etc.

5. PROCESSING PURPOSES AND LEGAL BASIS

If you provide us with your data, our use of said data is regularly founded on the contract or pre-contractual negotiations concluded with you on the basis of Art. 6 (1) lit. b GDPR or on your voluntary consent in accordance with Art. 6 (1) lit. a GDPR, e.g. for processing your enquiries, using our web forms or similar.

Furthermore, as a public body, we can process your data based on Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP (Rhineland-Palatinate State Data Protection Act) if this is necessary to fulfill a task in the public interest or in the exercise of official authority delegated to us.

Registration for passenger and hotel ships

Appropriate web forms are available for the registration of the above-mentioned ships at the berths of the Koblenz port. The information to be provided therein will be processed exclusively for the purposes of the service provision requested by you, for the execution of the contract concluded with you (cf. "Terms of use" on the corresponding sub-page), for ensuring necessary safety regulations and for legally required notifications to the authorities.

Web forms:

If we use web forms, your consent is required for the transmission and processing of the information provided therein. The consent text is available to you directly under the respective form.

Your enquiry is then transmitted to our systems and stored for the purpose of executing a contract or a request for information until the process is completed and/or for the duration of the business relationship. Longer storage only takes place if there are legal obligations to retain data (e.g. from tax law).

Your data entered by yourself are typically:

§ Your first and last name (for identification, reservation, registration, etc.)

§ Your postal address (for sending requested information via post)

§ Your email address (for electronic contact/reservation/registration or sending of information)

§ Your desired booking period; if necessary with information on the number of persons, programme wishes etc. (for coordination and preparation of offers)

  • Your enquiry itself (free text)

The special processing purposes, possibilities of revocation/objection as well as additional conditions (including, but not limited to participation requirements) are further specified in the texts below the respective forms, if applicable. Please note these instructions before submitting your data through the respective forms.

Automatically collected data when visiting our websites:

In log files ("server log files"), via search engines and/or forms, data is automatically collected when you use our websites, which your web browser/provider automatically transmits to our provider. When you visit our websites, our web servers temporarily store the following data by default:

  • the web pages you visit on our site as well as the date, time and duration of your visit
  • the type of browser you use, its version and the operating system you use
  • the search engine used, if any
  • the names of any files downloaded
  • the (anonymised) IP address at the time of access
  • the type of device used
  • the website from which you visit us ("referrer URL").

Insofar as we evaluate this technical data, this is done anonymously and to ensure the website's smooth connection setup, to ensure comfortable use of our website, for evaluating and improving system security and stability as well as other administrative purposes based on Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP. This data is not merged with other data sources. However, we reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

Email newsletter:

If we offer a newsletter service on our website and you register for this, we require your email address for delivery. You can provide further information on a voluntary basis. By submitting the data you entered in the newsletter registration form, you agree that we may process this data exclusively for the purpose of sending our newsletter to your specified email address and documenting your consent to this. As a matter of principle, the data will not be passed on to third parties. The processing is founded on Art. 6 (1) lit. a GDPR. You will first receive an automated email containing a link that you must click to activate receipt of the newsletter. In this way, we prevent misuse of your email address and can ensure that you have actually registered yourself. We will not send you any newsletters unless you complete this so-called "double opt-in procedure".

You can withdraw your consent at any time with effect for the future: either via the unsubscribe link in the newsletter or by using the unsubscribe form.

Competitions:

Insofar as we offer online competitions via our website, Participants' data can be processed on the basis of voluntary participation in accordance with Art. 6 (1) lit. a GDPR for the duration of the competition and the sending of the prizes. Upon conclusion of the competitions, the data of the winner/s will be stored in accordance with tax regulations and the data of the non-winners will be deleted.

Use of a destination management system

We use the destination management system "feratel Deskline" of feratel media technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Austria (www.feratel.at) on our website to enable your direct online bookings of, for example, accommodation services and other travel services. Within the framework of this destination management system, feratel media technologies AG processes the data of our institution as well as that of the tourism institutions and supporting offices located in the federal state of Rhineland-Palatinate. You can find the data protection notes and regulations of the destination management system feratel Deskline in the data protection declaration of feratel media technologies AG, which you can view via the link in the booking portal or directly at http://www.feratel.at/rechtliche-hinweise.

For the proper technical functionality of this booking module, the module sets a mandatory technical cookie. Further information on cookies can be found further down in this document.

Other purposes:

Data processing may also be necessary on the basis of Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP to establish, assert or defend legal claims in connection with the above-mentioned procedures.

6. RECIPIENTS OR CATEGORIES/THIRD COUNTRY TRANSFER

We host our websites exclusively in data centres in Germany or the EU.

Your data will not be passed on, sold or otherwise transferred to third parties unless this would be necessary for the purpose of processing a contract or providing a service, or unless you have expressly consented to this.

Furthermore, data is processed on our behalf on the basis of Art. 28 GDPR (order processing), e.g. for external services for the operation of our IT infrastructure.

In addition, data processing and its transmission to state institutions and authorities entitled to receive information only takes place within the framework of the relevant laws or if we are obligated to do so by a judicial ruling (cf. Art. 6 (1) lit. c GDPR in conjunction with § 3 LDSG RP).

7. AUTOMATED DECISION-MAKING/PROFILING

Automated decision-making/profiling or scoring in the sense of Art. 22 GDPR does not take place.

8. CRITERIA FOR RETENTION PERIOD AND DELETION OF DATA

The retention period of your data depends on the processing purposes (see above) or the statutory retention/limitation and deletion periods. As a rule, they are stored for the duration of the business relationship with us. Longer (access-protected) storage only takes place in accordance with the relevant statutory retention obligations (e.g. for accounting and tax purposes) or for the exercise/defence of legal claims.

As far as your data is no longer required for the aforementioned purposes, including legal retention obligations, it will be deleted within the legal periods.

For technical reasons, data may be duplicated in backup files and mirrors. Such copies will also be deleted with a time delay for technical reasons.

9. COOKIES

A cookie is a small data package in the form of a text file that is transferred from your device to your browser when you visit a website and is then stored on your computer. Cookies do not regularly cause any damage to your computer, nor do they contain viruses or personal data. Cookies are primarily used to ensure basic technical functions of the website, e.g. navigation or shopping basket and booking functions, as well as to save user information during or after a visit to a website. This includes, for example, language settings for multilingual websites, login status or the point up to which a video was viewed so that it can be played at the same point on the next visit. Furthermore, related technologies with the same function may be included, which, for example, store pseudonymised user details in so-called "user IDs".

Some cookies, especially those from third parties, transfer their content and other information about visitors to the respective locations, among other things, to third countries, which is why your consent is required for this.

This website uses the following cookies:

  • Mandatory or "essential" cookies are absolutely necessary for the proper technical operation of a website or for reasons of information security. These cannot be "deselected" to ensure the functionality of this website (e.g. for booking functions via DESKLINE (see above), to store your cookie preferences).

§ Statistics and third-party cookies: No personal data is analysed for the use of MATOMO nor is it transferred to third countries. However, third-party cookies (e.g. for GoogleMaps) require your consent. You give this either via a manual "double-click" solution directly on the element or via our Cookie Consent Box (CCB).

  • Cookies for external media: Your consent is required for the integration and display of YouTube videos, for example, because this would regularly require data to be transferred to third countries. Content from video and social media platforms is blocked by default. You give your consent either via a manual "double-click" solution or via our Cookie Consent Box (CCB).

Legal basis for setting cookies

In principle, we do not process any personal data with the help of cookies, unless this would be necessary for a function of this website for the fulfilment of a contract with you, e.g. for bookings (cf. Art. 6 (1) lit. b or 49 (1) lit. b GDPR) or on the basis of your consent (cf. Art. 6 (1) lit. a or 49 (1) lit. a GDPR). In other cases, we process purely technical data without reference to persons on the basis of Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP. These are for the purposes of a properly functioning website, an economic and secure operation of the website and the optimisation of our online offer.

Effective consent of and withdrawal of consent to cookies

Before a cookie is set on the legal basis of consent, we ask you for your consent directly at the location of this function by active click or via our "cookie consent box" (CCB). You can withdraw this consent at any time with effect for the future by closing the browser or via our CCB. If this consent is not given, only those cookies that are technically absolutely necessary will be set, the use of which is based on our interest and the interest of users in the expected security and functionality of our website.

Basic settings via your browser

Regardless of the respective legal basis for setting cookies (see above) and the technology used (cookie banner, cookie box), you can define the management of cookies fundamentally via the browser you use; these then apply regularly to all websites in that your browser

  • informs you about the setting of cookies,
  • allows cookies only in individual cases, excludes cookies for specific cases or in general, or
  • automatically deletes cookies from your computer when you close your browser.

To implement this, please follow the instructions in your browser manual.

Cookie block of online services (typically not secure)

You can also declare an objection to the use of cookies for online marketing purposes by third-party services, in cases of "tracking" via http://optout.aboutads.info (in English) and www.youronlinechoices.com (also in German) online.

Cookie management via our Cookie Consent Box (CCB)

You can give your consent (activation of cookies) and withdraw your given consent (de-activation of cookies) elegantly via our "cookie consent box", which automatically appears on your screen when you first visit our website. You can access the "cookie consent box" at any time by clicking on the corresponding (moving) symbol on the side. Deactivation (withdrawal) is just as simple as activation (consent): by setting or deselecting the corresponding tick. Exceptions are, as already mentioned, the technically necessary ("essential") cookies for the proper and secure functioning of our website (see above).

Please note that the deactivation of cookies may lead to the restriction of certain functions of our website.

10. USE OF MATOMO

As part of our internet service and in order to further improve our website for you and to adapt it even more to the needs of the users, we use the open source tool "Matomo" for the statistical evaluation of website use (for further information, please visit: https://www.matomo.org). The information obtained in this way is not passed on to third parties.

Matomo is configured so that no personal data is processed (e.g. no user IDs, user tracking) and no cookies are set. There is also no "device fingerprinting", i.e. your input device cannot be recognised. Anonymisation takes place immediately after processing the IP address and before it is stored on our web server. This is done by shortening the IP address by the last octets in accordance with the resolutions of the Data Protection Conference of the Federal and State Data Protection Authorities (DPC) of Germany. This means that you as the user always remain anonymous.

The anonymous statistical data includes, for example:

  • browser type and version
  • operating system used
  • device type, model and brand
  • screen resolution
  • search engine used
  • the websites visited, including the time spent on them
  • search terms and keywords, if applicable
  • day and time of the visit
  • location of the visit (continent, country, region, city)
  • browser language.
  • The number of visitors to each individual web page,
  • The internet provider used.

12. USE OF GOOGLE WEB FONTS

This website uses so-called "web fonts" from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for the uniform display of fonts. When you call up a page, your browser automatically loads the required fonts into its browser cache. We regularly keep these fonts locally on our servers, i.e. no connection needs to be established with the transmission of your IP address to the Google servers.

However, it cannot be completely ruled out that your browser will nevertheless establish a connection to Google servers for these or other purposes, which will ultimately make Google aware that our website was accessed via the IP address you used.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy.

13. INTEGRATION OF YOUTUBE VIDEOS

We integrate videos from YouTube (belonging to Google, see above) into our online offer via corresponding plug-ins on the basis of your consent in accordance with Art. 49 (1) lit. a GDPR, which are regularly stored on www.youtube.com and can or will be played directly from our website. These are primarily integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the following paragraph be transferred. We have no influence on this data transmission.

You give your consent by using the so-called "double-click" solution, i.e. as long as you do not click on a YouTube video marked accordingly, it will neither be played nor will data be transmitted to the YouTube servers. Only when you explicitly click on the video (again) does the streaming service start. A connection is then established to the YouTube servers in the USA and YouTube receives the information that you have accessed this corresponding sub-page of our website. This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to YouTube / Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out of your account before activating the video. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and to exercise this right you must contact YouTube or Google.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to their privacy policy. There you will also find further information on your rights and setting options for the protection of your privacy under the current link www.google.de/intl/de/policies/privacy.

14. CHILDREN & YOUTH

As a matter of principle, persons under the age of 18 should only transmit their personal data on the Internet with the consent of their parents or legal guardians. We neither request such information from children and young people, nor do we collect it, and we certainly do not pass it on to third parties.

15. INFORMATION SECURITY

We have taken technical and organisational security measures to protect your data from data-loss, destruction, manipulation and unauthorised access and in particular to maintain confidentiality, availability and (data) integrity, e.g. by storing it in data centres only in Germany or the EU. All employees and all persons involved in data processing (including those of commissioned service providers) have been obligated by us to maintain confidentiality, to comply with data protection regulations and to handle personal data with care.

To protect security during transmission, we encrypt your data with Secure Socket Layer (SSL) or the newer standard TLS (Transport Layer Security) where possible. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and a lock symbol is displayed in the address line of the browser.

Our security measures are continuously adapted in line with technological developments.

16. YOUR RIGHTS AS A DATA SUBJECT

As a data subject, authorised or otherwise entitled person, you have the possibility to assert the following rights against us at any time in writing or by e-mail, provided that there are no contractual or legal provisions to the contrary or the processing is necessary for other reasons.

To do so, please use the contact options at the beginning of this document.

Right to access: You can obtain information about your personal data stored by us at any time. Please only submit requests for information in writing (letter) or in text form (email). For data protection reasons and due to the lack of qualified identification possibilities, no information will be provided by telephone.

Right to rectification: If we process personal data directly from you and you discover incorrect information or a need to update it, you are welcome to inform us of this for correction purposes.  In the case of significant changes, please enclose appropriate supporting documents with your application (e.g. in the case of name changes due to marriage or similar).

Right to erasure: You have the right to request the erasure of your personal data from us at any time. Please note that we are legally obligated to retain certain data in accordance with statutory retention obligations. We will then inform you of these data categories.

Right to restriction: You can request to restrict the processing of your personal data at any time.

Right to data portability (data export): As you do not usually provide us with personal data via our websites, we cannot offer you a classic data export function for this purpose. In any case, we will examine your request in accordance with the legal provisions and technical feasibility and contact you immediately regarding implementation.

Right of objection/withdrawal: You can object to the processing of your personal data by us at any time or revoke any consent you have given with effect for the future.

Right to complain to the supervisory authorities: You have the right to lodge a complaint with your competent state data protection supervisory authority if you believe that our processing of personal data concerning you violates the GDPR (General Data Protection Regulation). You can find the address on the website of the Federal Commissioner for Data Protection and Freedom of Information in Berlin (BfDI).

17. COMPETENT DATA PROTECTION SUPERVISORY AUTHORITY

The following supervisory authority is responsible for Koblenz-Touristik GmbH:

The State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate
Hintere Bleiche 34
Mainz, Germany
55116

18. LINKS TO OTHER WEBSITES

If you use links to external websites that are offered as part of our website, our data protection information does not extend to these external websites.

At the time the link was set up, we were able to satisfy ourselves as to the correctness of the linked website(s) in terms of content and security, and we check this regularly. However, we have no influence on the further compliance with data protection and security regulations of other providers or changes in content.

If you click on links to external websites displayed on our website, these external websites may collect user data if you click on these links or otherwise follow the instructions of these external websites, in particular if you are logged in to other platforms or similar. We have no control over the data that is collected voluntarily or involuntarily via advertisements or third-party websites. Therefore, please also inform yourself on the websites of the other providers about the data protection declarations provided there for your safety.

If you become aware of an "unsafe" link originating from our applications, please inform us immediately so that we can investigate the matter. Thank you.

19. CHANGES TO OUR DATA PRIVACY POLICY

If the legal situation or technical developments make it necessary, we reserve the right to change our security and data protection measures accordingly. In such cases, we will also adapt this document.

Please therefore note the current version at the beginning of this document.

20. FURTHER INFORMATION

If you require further information that is not provided by this data privacy policy or if you require further information on a specific point, please contact our data protection officer directly at DSB-Service@3rd-mind.de.