This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it, as well as external online presences, such as our social media profile (hereinafter jointly referred to as "online offer"). With regard to the terminology used, such as "Processing" or "person responsible" we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Link to Impressum: https://chiemsee-ferienwohnungen.net/impressum-und-datenschutz/
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact details (e.g., e-mail, telephone numbers).
- Content data (e.g., text input, photographs, videos).
- Usage data (e.g. websites visited, interest in content, access times).
- Meta / communication data (e.g., device information, IP addresses).
Categories of data subjects
Visitors and users of the online offer (in the following we also refer to the persons concerned collectively as "users").
Purpose of processing
- Provision of the online offer, its functions and content.
- Answering contact requests and communicating with users.
- Safety measures.
- Reach measurement / marketing
We process the data of our contractual partners and interested parties as well as other clients, customers, clients, clients or contractual partners (uniformly referred to as "contractual partners") in accordance with Art. 6 Para. 1 lit. b. GDPR in order to provide you with our contractual or pre-contractual services. The data processed, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship.
The processed data includes the master data of our contractual partners (e.g., names and addresses), contact details (e.g. e-mail addresses and telephone numbers) as well as contract data (e.g., services used, contract content, contractual communication, names of contact persons) and payment data (e.g., Bank details, payment history).
As a matter of principle, we do not process special categories of personal data, unless these are components of commissioned or contractual processing.
We process data that are required for the establishment and fulfillment of the contractual services and point out the necessity of their disclosure, if this is not evident for the contractual partner. Disclosure to external persons or companies only takes place if it is required in the context of a contract. When processing the data provided to us as part of an order, we act in accordance with the instructions of the client and the legal requirements.
When using our online services, we can save the IP address and the time of the respective user action. The storage takes place on the basis of our legitimate interests, as well as the interests of the users in protection against misuse and other unauthorized use. A transfer of this data to third parties does not take place, unless it is to pursue our claims acc. Art. 6 para. 1 lit. f. GDPR required or there is a legal obligation to do so in accordance with. Art. 6 para. 1 lit. c. GDPR.
The data will be deleted when the data is no longer required to fulfill contractual or statutory duties of care and to deal with any warranty or comparable obligations, whereby the need to store the data is checked every three years; Otherwise, the statutory retention requirements apply.
Administration, Financial Accounting, Office Organization, Contact Management
We process data in the context of administrative tasks as well as the organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of providing our contractual services. The processing bases are Art. 6 Para. 1 lit. c. GDPR, Art. 6 Paragraph 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information given for these processing activities.
We disclose or transmit data to the financial administration, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.
Furthermore, on the basis of our business interests, we store information on suppliers, organizers and other business partners, e.g. for later contact. We generally store this mostly company-related data permanently.
When contacting us (e.g. via the contact form, email, telephone or via social media), the information provided by the user is used to process the contact request and its processing in accordance with Art. 6 para. 1 lit. b) GDPR processed. The user information can be stored in a customer relationship management system ("CRM system") or a comparable request organization.
We delete the inquiries if they are no longer required. We review the requirement every two years; The statutory archiving obligations also apply.
Hosting and E-mailing
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, email dispatch, security services and technical maintenance services that we use for the purpose of operating this online offer.
We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to this online offer based on our legitimate interests in an efficient and secure provision of this online offer in accordance with. Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of an order processing contract).
Collection of Access Data and Log Files
We, or our hosting provider, collect data on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR data on every access to the server on which this service is
located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
For security reasons (e.g. to investigate acts of abuse or fraud), log file information is stored for a maximum of 7 days and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.
Integration of Services and Content from Third Parties
We use content or service offers from third-party providers within our online offer based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our
online offer within the meaning of Art. 6 Para. 1 lit. Services such as Embed videos or fonts (hereinafter referred to as “content”).
This always presupposes that the third-party providers of this content perceive the IP address of the users, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, as well as being linked to such information from other sources.
We integrate the fonts ("Google Fonts") from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
We integrate maps from the “Google Maps” service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, the users' IP addresses and location data, which, however, are not collected without their consent (usually in the context of the settings of their mobile devices). The data can be processed in the USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Typekit fonts from Adobe
On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR), we use external "Typekit" fonts from the provider Adobe Systems Software Ireland Limited, 4 -6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active).
Functions and contents of the Google+ platform, offered by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”), can be integrated into our online offer. For this purpose, e.g. Contents such as images, videos or texts and buttons belong with which users can share contents of this online offer within Twitter. If the users are members of the Google+ platform, Google can call up the o.g. Assign content and functions to the profiles of the users there. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). You can find more information on the use of data by Google, setting and objection options in Google's data protection declaration (https://policies.google.com/technologies/ads) and in the settings for displaying advertisements by Google (https://adssettings.google.com/authenticated).