Privacy policy
We are very happy about your interest in our company. Data protection is particularly important for the management of Stöcklein Reisen GmbH. In principle, use of the website of Stöcklein Reisen GmbH is possible without any disclosure of personal data. However, if a person wants to use special services from our company via our website, personal data could be processed. If the processing of personal data is necessary and if there is no legal basis for such processing, we generally obtain consent from the person concerned.
The processing of personal data, such as the name, address, e-mail address or telephone number of an affected person, is always carried out in accordance with the General Data Protection Regulation and in accordance with the Stöcklein Travel GmbH Current country-specific data protection regulations. Through this Privacy Statement, our company wants to inform the public about the nature, scope and purpose of the personal data we collect, use and process. In addition, affected persons will be informed about the rights to which they are entitled by this privacy policy.
Stöcklein Reisen GmbH has implemented numerous technical and organisational measures as controller in order to ensure that the personal data processed via this website is the most complete possible protection possible. However, Internet-based data transfers can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by telephone.
1. Terms
The privacy policy of Stöcklein Reisen GmbH is based on the terms used by the European Directive and Regulation when the General Data Protection Regulation (DS-GMO) was adopted. Our privacy policy should be easily readable and understandable to the public as well as to our customers and business partners. To ensure this, we would like to explain in advance the terms used.
In this Privacy Statement, we use, among other things, the following terms:
(a) Personal data
Personal data is any information relating to an identified or identifiable natural person (‘ the person concerned ‘). Identifiable is a natural person who is directly or indirectly assigned, in particular by assigning it to an identifier such as a name, to a identification number, to location data, to an online identifier or to one or more special features that reflect The physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person can be identified.
b) person concerned
The person concerned is any identified or identifiable natural person whose personal data is processed by the controller.
c) Processing
Processing is any operation performed with or without the help of automated procedures or any such sequence of operations related to personal data such as collecting, collecting, organizing, arranging, storing, adjusting or modifying, Reading, retrieving, using, disclosing by transmission, distribution or other form of delivery, matching or linking, restricting, deleting or destroying.
D) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
e) Profiling
Profiling is any type of automated processing of personal data that consists in this personal data being used to evaluate certain personal aspects related to a natural person, in particular to address aspects To analyze or predict this natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of location.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific affected person without the use of additional information, provided that this additional data Information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.
g) Responsible or controller
The person responsible for the processing is the natural or legal person, authority, institution or other body that decides solely or jointly with others on the purposes and means of processing personal data. If the purposes and means of this processing are provided by EU law or the law of the Member States, the person responsible may or provide for the specific criteria of his designation under EU law or the law of the Member States. Be.
h) Order processors
Order processor is a natural or legal entity, authority, institution or other body that processes personal data on behalf of the person responsible.
i) Receiver
The recipient is a natural or legal person, authority, entity or other body that is disclosed personal data, whether or not it is a third party. However, authorities that may receive personal data under EU law or Member States ‘ law may not be considered recipients.
j) Third party
Third party is a natural or legal person, authority, institution or other body other than the person concerned, the person responsible, the processor and persons who are responsible under the direct responsibility of the person responsible or the person responsible. Order processors have the power to process the personal data.
k) Consent
Consent is any person voluntarily given by the person concerned for the particular case in an informed and unequivocal manner, in the form of a declaration or other clear corroborating act intended to enable the person concerned to Understanding that it agrees with the processing of the personal data relating to it.
2. Name and address of the controller
Responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of data protection law are:
Stöcklein Reisen GmbH
Am Lachweihergraben 2a
91353 Hausen
Germany
Tel: 091917371737
Email: mail@stoeckleinreisen.de
Website: www.stoeckleinreinreisen.de
3. Cookies
The websites of Stöcklein Reisen GmbH use cookies. Cookies are text files that are stored and stored on a computer system via an Internet browser.
Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows the websites and servers visited to distinguish the individual browser of the person concerned from other internet browsers containing other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
By using cookies, Stöcklein Reisen GmbH can provide users of this website with more user-friendly services that would not be possible without the cookie setting.
By means of a cookie, the information and offers on our website can be optimized in the sense of the user. Cookies allow us to recognize the users of our website, as mentioned above. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data every time they visit the website, because this is taken over by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping basket in the online store. The online store remembers the items a customer has put in the virtual shopping cart via a cookie.
The person concerned can prevent the setting of cookies through our website at any time by means of a corresponding setting of the used internet browser and thus permanently object to the setting of cookies. Cookies that have already been set can also be deleted at any time via an internet browser or other software programs. This is possible in all popular internet browsers. If the person concerned deactivates the setting of cookies in the internet browser used, not all functions of our website can be fully used.
4. Collection of general data and information
The website of Stöcklein Reisen GmbH collects a range of general data and information with each visit of the website by an affected person or an automated system. This general data and information is stored in the server’s log files. The (1) browser types and versions used (1) can be summarized, (2) the operating system used by the access system, (3) the website from which a pull-ready system enters our website (so-called referrer), (4) the subpages, Which are controlled by a pull-to-use system on our website, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the access system and (8) Other similar data and information used to prevent security in the event of attacks on our information technology systems.
When using this general data and information, Stöcklein Reisen GmbH does not draw any conclusions about the person concerned. Rather, this information is needed in order (1) to deliver the contents of our website correctly, (2) to optimize the contents of our website as well as the advertising for it, (3) the long-term functioning of our information technology systems And to ensure the technology of our website as well as (4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack. This anonymously collected data and information is therefore evaluated by Stöcklein Reisen GmbH, on the one hand, statistically and further, with the aim of increasing data protection and data security in our company, in order to ultimately achieve an optimal level of protection for those of To ensure the personal data we have processed. The anonymous data of the server log files is stored separately from all personal data provided by an affected person.
5. Registration on our website
The person concerned has the opportunity to register on the website of the controller with personal data. What personal data is transmitted to the controller results from the respective input mask used for registration. The personal data entered by the person concerned is collected and stored exclusively for internal use by the controller responsible for the processing and for his own purposes. The controller can arrange for one or more contract processors, such as a parcel service provider, to be transferred, who will also use the personal data exclusively for internal use, which is the responsibility for the Calculation manager is attributable to benefits.
Registration on the website of the controller is also used to store the IP address given by the Internet service provider (ISP) of the person concerned, the date and the time of registration. The storage of this data takes place against the background that this is the only way to prevent the misuse of our services and, if necessary, to enable this data to be investigated. In this respect, it is necessary to store this data in order to secure the controller. As a matter of principle, this data will not be passed on to third parties unless there is a legal obligation to pass on or if the law enforcement is passed on.
The registration of the person concerned, with a voluntary disclosure of personal data, serves the controller to offer the person concerned content or services which, due to the nature of the goods, are only registered users. Can be offered. Registered persons are free to change the personal data provided at the time of registration or to have it completely deleted from the data set of the controller.
The person responsible for processing shall inform each concerned at any time, on request, about what personal data about the person concerned is stored. Furthermore, the person responsible for the processing corrects or deletes personal data at the request or notice of the person concerned, provided that there are no legal retention obligations. In this context, all the employees of the controller are available to the person concerned as contact persons.
6. Subscription of our newsletter
On the Stöcklein Reisen GmbH website, users are given the opportunity to subscribe to our company’s newsletter. What personal data is transmitted to the controller when the newsletter is ordered is the result of the input mask used for this purpose.
Stöcklein Reisen GmbH informs its customers and business partners about company offers at regular intervals by way of a newsletter. As a matter of principle, the newsletter of our company can only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) the person concerned registers for the newsletter. For legal reasons, a confirmation email in the double opt-in procedure will be sent to the e-mail address, which is first registered by an affected person for the e-mail delivery. This confirmation email is used to verify that the owner of the e-mail address, as the person concerned, has authorized the receipt of the newsletter.
When registering for the newsletter, we also store the IP address of the computer system used by the affected person at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to comprehend the (possible) misuse of the e-mail address of an affected person at a later date and therefore serves to secure the legal protection of the controller.
The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. Subscribers to the newsletter could also be informed by e-mail, if this is necessary for the operation of the newsletter service or registration in this regard, as in the event of changes to the newsletter offer or in the event of a change in the technical Could be the case. No disclosure of the personal data collected as part of the newsletter service will be passed on to third parties. The subscription to our newsletter can be cancelled by the person concerned at any time. Consent to the storage of personal data given to us by the person concerned for newsletters can be revoked at any time. For the purpose of revoking consent, there is a corresponding link in each newsletter. It is also possible to unsubscribe from newsletters directly on the website of the controller at any time, or to communicate this to the controller in any other way.
7. Newsletter tracking
The newsletters of Stöcklein Reisen GmbH contain so-called counting pixels. A counting pixel is a miniature graphic embedded in such emails, which are sent in HTML format to allow log file recording and logsoon analysis. This allows a statistical analysis of the success or failure of online marketing campaigns to be carried out. Based on the embedded counting pixel, Stöcklein Reisen GmbH can detect if and when an e-mail was opened by an affected person and which links in the email were accessed by the affected person.
Such personal data collected via the counting pixels contained in the newsletters will be stored and evaluated by the controller in order to optimise newsletters and to improve the content of future newsletters. Interests of the person concerned. This personal data will not be shared with third parties. Affected persons are entitled at any time to revoke the separate consent form issued through the double opt-in procedure. After a revocation, this personal data will be deleted by the controller. Stöcklein Reisen GmbH automatically interprets a deregistration from receipt of the newsletter as a revocation.
8. Access via the website
Due to legal regulations, the website of Stöcklein Reisen GmbH contains information that enables quick electronic contact with our company as well as direct communication with us, which is also a general address of the So-called electronic mail (e-mail address). If an affected person contacts the controller via e-mail or via a contact form, the personal data transmitted by the person concerned will be automatically stored. Such personal data, transmitted on a voluntary basis by an affected person to the controller, is stored for the purpose of processing or contacting the person concerned. This personal data will not be passed on to third parties.
9. Routine deletion and blocking of personal data
The controller processes and stores personal data of the person concerned only for the period necessary to achieve the purpose of the storage, or if this is done by the European Regular and Regular Service, or Another legislator has been provided in laws or regulations which the person responsible for processing is subject to.
If the purpose of the storage is waiated or a storage period prescribed by the European Directive and Regulation Officer or another competent legislator expires, the personal data is routinely and in accordance with the statutory Regulations blocked or deleted.
10. Rights of the person concerned
(a) Right to confirmation
Each person concerned has the right granted by the European Code of Directive and regulation to require the controller to confirm whether they are being processed in relation to personal data. If an affected person wishes to avail himself of this right of confirmation, he or she can contact an employee of the controller at any time.
b) Right to information
Any person affected by the processing of personal data shall have the right granted by the European Commissioner for a Directive and regulation to provide due information, of the information stored on their person, at any time, from the person responsible for the processing. To obtain personal data and a copy of this information. In addition, the European Commissioner for a Directive and Regulation has provided the person concerned with information on the following information:
- The processing purposes
- The categories of personal data that are processed
- The recipients or categories of recipients to whom the personal data has been disclosed or is still disclosed, in particular to recipients in third countries or to international organizations
- If possible, the planned duration for which the personal data is stored or, if this is not possible, the criteria for determining that duration
- The existence of a right to correct or delete the personal data relating to them or to restrict the processing by the person responsible or a right of objection to this processing
- The existence of a right of appeal to a supervisory authority
- If the personal data is not collected from the person concerned: All available information about the origin of the data
- The existence of automated decision-making, including profiling in accordance with Articles 22 (1) and 4 DS GMOs and — at least in these cases — meaningful information on the logic involved, as well as the scope and desired impact of a Such processing for the person concerned
The person concerned also has the right to provide information as to whether personal data has been transferred to a third country or to an international organisation. Moreover, if this is the case, the person concerned has the right to obtain information on the appropriate guarantees relating to the transfer.
If an affected person wishes to avail himself of this right of information, he or she can contact an employee of the controller at any time.
c) Right to correct
Any person affected by the processing of personal data has the right granted by the European Commissioner for a Directive and Regulation to request the immediate correction of incorrect personal data relating to them. Furthermore, the person concerned has the right to demand —, taking into account the purposes of processing, the completion of incomplete personal data — also by means of a supplementary declaration.
If an affected person wishes to avail himself of this right of correction, he or she can contact an employee of the controller at any time.
D) Right to erasure (right to be forgotten)
Any person affected by the processing of personal data has the right granted by the European Commissioner for a Directive and Regulation to require the person responsible to delete the personal data relating to them without delay, provided that the personal data relating to them is deleted. One of the following reasons applies and where processing is not required:
- The personal data has been collected or processed for purposes for which it is no longer necessary.
- The person concerned revokes their consent, on which the processing is based in Article 6 (6). 1 letter a DS GMO or Article 9 (s). 2 (A) DS GMOs and there is no other legal basis for processing.
- The person concerned shall lays in accordance with Article 21 (21). 1 DS-GMO objects to processing and there are no primary legitimate reasons for processing, or the person concerned shall submit in accordance with Article 21 (21). 2 DS-GMO objects to processing.
- The personal data was processed unlawfully.
- The deletion of personal data is necessary to fulfil a legal obligation under EU law or the law of the Member States to which the person responsible is subject.
- The personal data was collected in relation to the services offered by the information society in accordance with Article 8 (8). 1 DS-GMO.
If any of the above reasons are correct and if an affected person wishes to arrange for the deletion of personal data stored at Stöcklein Reisen GmbH, they can contact an employee of the for processing at any time. Responsible people turn. The employee of Stöcklein Reisen GmbH is advised that the request for deletion will be complied with immediately.
Have the personal data been made public by Stöcklein Reisen GmbH and is our company responsible in accordance with Article 17 (). 1 DS-GMO obliged to delete the personal data, Stöcklein Reisen GmbH shall take appropriate measures, including technical measures, to other for data processing, taking into account the available technology and implementation costs. Responsible who processes the published personal data to inform that the person concerned is deleting all links to this personal data from those other data controllers. Required of copies or replicas of this personal data, provided that the processing is not required. The employee of Stöcklein Reisen GmbH will arrange what is necessary on a case-by-case basis.
e) Right to restrict processing
Any person affected by the processing of personal data has the right granted by the European Regular and Proquiacy to require the person responsible to restrict the processing if one of the following conditions is met:
- The accuracy of the personal data is disputed by the person concerned for a period of time that allows the person responsible to verify the accuracy of the personal data.
- The processing is illegal, the person concerned refuses to delete the personal data and instead requires the restriction of the use of the personal data.
- The person responsible no longer needs the personal data for the purposes of processing, but the person concerned needs it to assert, exercise or defend legal claims.
- The person concerned objects to the processing. Article 21 (21). 1 DS-GMO and it is not yet clear whether the legitimate reasons of the person responsible outweigh those of the person concerned.
If any of the above conditions are met and an affected person wishes to request the restriction of personal data stored at Stöcklein Reisen GmbH, he or she can contact an employee of the Data managers. The employee of Stöcklein Reisen GmbH will arrange for the processing to be restricted.
f) Right to data portability
Any person affected by the processing of personal data shall have the right granted by the European Commissioner for a Directive and Regulation, the personal data relating to them, which have been provided by the person concerned to a responsible person, In a structured, common and machine-readable format. It also has the right to transmit this data to another person responsible without hindrance by the person responsible for whom the personal data was provided, provided that the processing on the consent under Article 6 (6) is provided. 1 letter a DS GMO or Article 9 (s). 2 (1) of a DS GMO or on a contract in accordance with Article 6 (6). 1 (b b b b) GMO is based and processing is carried out using automated procedures, provided that processing is not necessary for the performance of a task which is in the public interest or in the exercise of public authority, which is the responsibility of the Responsible was transferred.
Furthermore, the person concerned shall be responsible for exercising their right to data portability in accordance with Article 20 (20). 1 DS-GMO the right to obtain that the personal data be transmitted directly by one person responsible to another person, provided that this is technically feasible and does not affect the rights and freedoms of other persons Be.
In order to assert the right to data portability, the person concerned can contact an employee of Stöcklein Reisen GmbH at any time.
g) Right to object
Any person affected by the processing of personal data shall have the right granted by the European Code of Directive and the Regulation, for reasons arising from their particular situation, at any time against the processing of personal data relating to them. Data based on Article 6 (6). 1 letter e or f DS-GMO is made to appeal. This also applies to profiling based on these provisions.
Stöcklein Reisen GmbH will no longer process the personal data in the event of an objection, unless we can prove compelling grounds for processing worthy of protection that outweigh the interests, rights and freedoms of the person concerned, or The purpose of processing is to assert, exercise or defend legal claims.
When Stöcklein Reisen GmbH processes personal data in order to conduct direct advertising, the person concerned has the right to object at any time to the processing of the personal data for the purpose of such advertising. This also applies to profiling, as far as it is associated with such direct advertising. If the person concerned objects to Stöcklein Reisen GmbH’s processing for direct advertising purposes, Stöcklein Reisen GmbH will no longer process the personal data for these purposes.
In addition, the person concerned has the right, for reasons arising from his particular situation, against the processing of personal data relating to him, which is used by Stöcklein Reisen GmbH for scientific or historical research purposes or for scientific or historical research purposes. Statistical purposes in accordance with Article 89 () of Article 89 (). 1 GDPR shall be held to appeal, unless such processing is necessary in order to fulfil a problem in the public interest.
In order to exercise the right to object, the person concerned may contact any employee of Stöcklein Reisen GmbH or any other employee directly. The person concerned is also free to exercise his right to object to the use of information society services, notwithstanding Directive 2002/58/EG, through automated procedures in which technical specifications are subject to Be used.
(h) Automated decisions on a case-by-case basis, including profiling
Every person affected by the processing of personal data has the right granted by the European Regular and Proconstitution Affender not to have a decision based solely on automated processing — including profiling — To be subjected to the effect that has legal effect on it or to adversely impair it in a similar manner, unless the decision (1) for the conclusion or fulfilment of a contract between the person concerned and the person responsible Is required, or (2) is permissible under legislation from the Union or Member States to which the person responsible is subject, and this legislation is appropriate measures to safeguard rights and freedoms, as well as the legitimate interests of the Affected or (3) with the express consent of the person concerned.
If the decision (1) is necessary for the conclusion or fulfillment of a contract between the person concerned and the person responsible, or (2) it shall be made with the express consent of the person concerned, Stöcklein Reisen GmbH shall meet appropriate Measures to safeguard the rights and freedoms and legitimate interests of the person concerned, including at least the right to the right of a person to intervene on the part of the person responsible, to state his or her own position and to challenge the Decision heard.
If the person concerned wishes to assert rights with respect to automated decisions, he or she can contact an employee of the controller at any time.
(i) Right to revoke data protection consent
Any person affected by the processing of personal data has the right granted by the European Regular and Proordination to revoke consent to the processing of personal data at any time.
If the person concerned wishes to assert his right to revoke a consent, he or she can contact an employee of the controller at any time.
11. Privacy Policy on the use and use of Google Analytics (with anonymization function)
The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, collection and analysis of data on the behaviour of visitors to websites. A web analysis service collects, among other things, data about from which website an affected person came to a website (so-called referrer), which subpages of the website accessed or how often and for which length of stay a Bottom looked at. A web analysis is mainly used to optimize a website and to analyze the cost-benefit of Internet advertising.
The operating company of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The controller uses the addition “_ gat. _ anonymizeIp” for web analysis via Google Analytics. This addition shortens and anonymizes the IP address of the affected person’s Internet connection if access to our website from a Member State of the European Union or from another Contracting State to the Agreement on The European Economic Area.
The purpose of the Google Analytics component is to analyze visitor flows on our website. Among other things, Google uses the data and information obtained to evaluate the use of our website in order to compile online reports for us, which show the activities on our website, and to provide others with the use of our website. To provide services related to the website.
Google Analytics puts a cookie on the information technology system of the person concerned. What cookies are has already been explained above. By setting the cookie, Google is made possible to analyse the use of our website. Each time one of the individual pages of this website is accessed, which is operated by the controller and on which a Google Analytics component has been integrated, the Internet browser is used on the information technology system of the Affected person automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google becomes aware of personal data, such as the IP address of the person concerned, which, among other things, is used by Google to trace the origin of visitors and clicks and subsequently to make commission statements. Allow.
Cookies store personal information, such as access time, the location from which access originated and the frequency of visits to our website by the person concerned. Every time you visit our website, this personal data, including the IP address of the Internet connection used by the person concerned, is transferred to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data with third parties through the technical process.
The person concerned can prevent the setting of cookies by our website, as already shown above, at any time by means of a corresponding setting of the used internet browser and thus permanently object to the setting of cookies. Such a setting of the internet browser used would also prevent Google from putting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
It is also possible for the person concerned to object to and prevent the collection of the data generated by Google Analytics, the use of this website and the processing of this data by Google. To do this, the person concerned must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on tells Google Analytics via JavaScript that no data and information about web page visits may be submitted to Google Analytics. The installation of the browser add-on is considered a contradiction by Google. If the information technology system of the affected person is deleted, formatted or reinstalled at a later date, the person concerned must reinstall the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or deactivated by the person concerned or any other person attributable to their sphere of power, there is the possibility of reinstalling or reactivating the browser add-on.
Further information and Google’s applicable privacy policies can be accessed at https://www.google.de/intl/de/policies/privacy/and http://www.google.com/analytics/terms/de.html. Google Analytics is https://www.google.com/intl/de_de/analytics/explained in more detail on this link.
12. Legal basis for processing
Article 6 I lit. A DS-GMO serves as a legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. Is the processing of personal data necessary to fulfil a contract of which the person concerned is a contracting party, as is the case, for example, with processing operations that are used to supply goods or to provide any other contract. Power or consideration are necessary, so the processing is based on Article 6 I lit. b DS GMO. The same applies to such processing operations that are necessary to carry out pre-contractual measures, such as in cases of requests for our products or services. If our company is subject to a legal obligation by which the processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Article 6 I lit. c DS-GMO. In rare cases, the processing of personal data may be necessary to protect vital interests of the person concerned or another natural person. This would be the case, for example, if a visitor to our company were to be injured and his name, age, health insurance data or other vital information were passed on to a doctor, hospital or other third party Should. Then the processing would be on Article 6 I lit. D DS-GMO.
Ultimately, processing operations could be on Article 6 I lit. f DS-GMO. This legal basis is based on processing processes that are not covered by any of the aforementioned legal bases if processing is necessary to maintain a legitimate interest of our company or a third party, provided that the interests, Do not outweigh the fundamental rights and freedoms of the person concerned. We are particularly permitted to carry out such processing operations because they have been mentioned in particular by the European legislature. In that regard, he took the view that a legitimate interest could be assumed if the person concerned was a customer of the person responsible (recital 47, second sentence, 2 of the DS GMO).
13. Eligible interests in processing pursued by the person responsible or a third party
Is the processing of personal data based on Article 6 I lit. (GDT) GMO is our legitimate interest in conducting our business for the benefit of all our employees and our shareholders.
14. Duration for which the personal data is stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After the expiry of the period, the relevant data will be routinely deleted, provided that it is no longer necessary for the fulfillment of the contract or for the initiation of the contract.
We store your data as long as it is needed for the respective processing purpose. Please note that many retention periods require data to continue to be stored. This applies in particular to commercial or tax retention obligations (e.g. Commercial Code, Tax Code, etc.). Unless there are any further retention obligations, the data will be routinely deleted after the return of purpose.
In addition, we may retain data if you have given us your permission to do so, or if there are legal disputes and if we use evidence within the framework of statutory statute of limitations, which can be up to thirty years; The regular statute of limitations is three years.
15. Legal or contractual rules for the provision of personal data; Requirements for the conclusion of the contract; Obligation of the person concerned to provide the personal data; Possible consequences of non-deployment
We inform you that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information about the contractual partner).
Sometimes, at the conclusion of the contract, it may be necessary for an affected person to provide us with personal data that subsequently has to be processed by us. For example, the person concerned is obliged to provide us with personal data if our company signs a contract with them. Failure to provide the personal data would mean that the contract with the person concerned could not be concluded.
Before the person concerned is provided with any personal data provided by the person concerned, the person concerned must contact one of our employees. Our employee informs the person concerned on a case-by-case basis whether the provision of the personal data is required by law or contractually or whether there is an obligation to the personal data. And what would be the consequences of not providing the personal data.
16. Existing automated decision-making
As a responsible company, we refrain from automatic decision-making or profiling.
17. The purposes and legal bases of data processing
When processing your personal data, the provisions of the EU DS GMOs and all other applicable data protection regulations are complied with. Legal basis for data processing is based in particular on Article 6 of EU GDS.
We use your data to initiate business, to comply with contractual and legal obligations, to implement the contractual relationship, to offer products and services, and to strengthen the customer relationship, including analysis Marketing purposes and direct advertising.
Your consent is also a data protection permission provision. In doing so, we will inform you about the purposes of data processing and about your right of withdrawal. If the consent also relates to the processing of special categories of personal data, we will expressly inform you in the consent, Article 88 (). 1 EU DS GMO.
The processing of special categories of personal data, i.e. Article 9 (1) of the EU GDPR, will only take place if this is necessary due to legal requirements and there is no reason to believe that your legitimate interest in excluding the Processing predominates, Article 88 (). 1 EU DS GMO.
18. Passing on to third parties
We will only disclose your data to third parties within the scope of the legal provisions or if the relevant consent is given. Otherwise, it will not be passed on to third parties unless we are obliged to do so by mandatory legislation (disclosure to external authorities such as supervisory authorities or law enforcement agencies). Or may also require sharing your data if it serves the purpose of carrying out your booked trip (e.g. to the tour operator, the hotel, the shipping company, the airline). Only the relevant personal data is forwarded.
19. Recipient of data/categories of recipients
Within our company, we ensure that only those who need it to comply with contractual and legal obligations receive your information.
Occasionally, service providers support our specialist departments in carrying out their tasks. The necessary data protection contract has been concluded with all service providers.
20. Third country transfer/third country transfer intention
Data transfer to third countries (outside the European Union or European Economic Area) will only take place to the extent necessary to carry out the debt relationship, required by law or if you give us your consent to do so Have.
21. Secure transfer of your data
In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are constantly reviewed in collaboration with security experts and adapted to new safety standards.
The exchange of data to and from our website takes place encrypted. As a transmission protocol, we offer HTTPS for our website, using the current encryption protocols.
22. Obligation to provide the data
Various personal data is necessary for the creation, execution and termination of the debt relationship and the fulfillment of the contractual and legal obligations associated with it. The same applies to the use of our website and the various functions it provides.
We have summarized details of this in the above point for you. In certain cases, data must also be collected or made available on the basis of legal provisions. Please note that processing your request or performing the underlying debt relationship is not possible without providing this information.
23. Categories, sources and origin of the data
Which data we process determines the respective context, e.g. entering a request into our contact form.
Please note that we may also provide information for special processing situations separately in a suitable location, e.g. in the case of a contact request. As part of a contact request, we collect and process the following data:
-Name, first name
-Contact details
-Address
-information on wishes and interests
24. Contact form/contact by e-mail (Article 6 (1) lit. a, b EU DS-GMO)
There is a contact form on our website that can be used for electronic contact. When you write to us via the contact form, we process your information provided as part of the contact form to contact and respond to your questions and requests. Here, the principle of data economy and data avoidance is observed by only having to provide the data we need to contact you. These are your contact details with an email address as well as the message box itself. In addition, your IP address is processed out of technical necessity and for legal protection. All other data are voluntary fields and can be given as an option (e.g. to answer their questions more individually). If you contact us by e-mail, we will process the personal data provided in the email solely for the purpose of processing your request. Unless you use the forms offered to contact you, there will be no additional data collection.
25. Advertising purposes of existing customers (Article 6 (1) lit. f EU GDPR)
Stöcklein Reisen GmbH is interested in maintaining the customer relationship with you and providing you with information and offers about our products/services (flesh purposes in concrete terms). That’s why we process your data to send you relevant information and offers by email.
If you do not wish to do so, you may object at any time to the use of your personal data for the purpose of direct advertising; This also applies to profiling, as far as it is related to direct advertising. If you object, we will no longer process your data for this purpose. The protest can be free of charge and formal without any reason and should be addressed to mail@stoeckleinreisen.de by e-mail if possible. |
26. Data protection for applications and in the application process (Article 6 (1) lit. a, b EU DS-GMO)
We appreciate your interest in working at Stöcklein Reisen GmbH. We are aware of the importance of your data and process the personal data you provide as part of the application process only for the purpose of the effective and correct processing of the application process and for the contact in the context of the application process. Application process. No disclosure of the data to third parties will be made without your consent. Processing can also be done electronically. This is especially the case when an applicant submits corresponding application documents electronically, for example by e-mail. We will store your data for the above purpose until the application process is complete and deadlines have expired-no later than six months after receiving a decision.
27. Online offers for children
Persons under the age of 16 may not transmit any personal data to us or make a declaration of consent without the consent of their legal guardians. We would encourage parents and guardians to actively participate in their children’s online activities and interests.
28. Links to other providers
Our website also contains links to the Internet appearances of other companies. If there are links to websites of other providers, we have no control over their contents. Therefore, no liability and liability can be assumed for this content. The respective provider or operator of the pages is always responsible for the contents of these pages.
The linked pages were checked for possible violations of the law and discernible violations of the law at the time of linking. Illegal content was not discernible at the time of linking. However, a permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a violation of the law. As soon as we become aware of violations of the law, such links will be removed immediately.
This Privacy Statement was established by the Data Protection Generator of the DGD German Data Protection GmbH, which is acting as External Data Protection Officer of Upper Bavaria , in cooperation with the lawyer for data protection Christian Solmecke created.