1. Introduction
This website is operated by: ISLA PASSIÓ Niels-Holger Teichmann.
It is very important to us to handle our website visitors' data confidentially and to protect it in the best possible way. For this reason, we make every effort to meet the requirements of the GDPR.
Below we explain how we process your data on our website. We use language that is as clear and transparent as possible so that you really understand what happens to your data.
2. General information
2.1 Processing of personal data and other terms
Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) you are currently sitting in front of. Such data is processed when 'something happens to it'. Here, for example, the IP is transmitted from the browser to our provider and automatically stored there. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).
These and other legal definitions can be found in Art. 4 GDPR.
2.2 Applicable regulations/laws - GDPR, BDSG and TTDSG
The scope of data protection is regulated by law. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.
In addition, the TTDSG supplements the provisions of the GDPR as far as the use of cookies is concerned.
2.3 The person responsible
The controller within the meaning of the GDPR is responsible for data processing on this website. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
You can reach the person responsible at:
ISLA PASSIÓ Niels-Holger Teichmann
Carrer la Marina 29
07659 Cala Figuera
Balearic Islands
Spain
hello@isla-travel.de
2.4 How data is generally processed on this website
As we have already established, some data (e.g. IP address) is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent.
You provide us with other personal data consciously.
Detailed information on this can be found below.
2.5 Your rights
The GDPR provides you with comprehensive rights. These include, for example, free information about the origin, recipient and purpose of your stored personal data. You can also request the rectification, blocking or erasure of this data or lodge a complaint with the competent data protection supervisory authority. You can revoke your consent at any time.
The details of these rights and how to exercise them can be found in the last section of this privacy policy.
2.6 Data protection - Our view
Data protection is more than just a chore for us! Personal data has great value and careful handling of this data should be a matter of course in our digitalized world. As a website visitor, you should also be able to decide for yourself what "happens" to your data, when and by whom. That is why we are committed to complying with all legal regulations, only collect the data that is necessary for us and, of course, treat it confidentially.
2.7 Forwarding and deletion
The transfer and deletion of data are also important and sensitive issues. We would therefore like to briefly inform you in advance about our general approach to this.
Data will only be passed on on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called processor and an order processing contract has been concluded in accordance with Art. 28 GDPR.
We delete your data when the purpose and legal basis for processing no longer apply and the deletion does not conflict with any other legal obligations. Art. 17 GDPR also provides a 'good' overview of this.
For further information, please refer to this privacy policy and contact the controller if you have any specific questions.
2.8 Hosting
This website is hosted externally. The personal data collected on this website is stored on the hoster's servers. This includes the automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors.
External hosting is used for the purpose of secure, fast and reliable provision of our website and in this context serves to fulfill the contract with our potential and existing customers.
The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TTDSG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TTDSG.
Our hoster only processes data that is required to fulfill its performance obligation and acts as our processor, i.e. it is subject to our instructions. We have concluded a corresponding contract for order processing with our hoster.
We use the following hoster:
netCup
netCup GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany
https://www.netcup.de/kontakt/datenschutzerklaerung.php.
2.9 Legal basis
The processing of personal data always requires a legal basis. The GDPR provides the following options in Art. 6 para. 1 sentence 1:
a) The data subject has given their consent to the processing of their personal data for one or more specific purposes;
b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
c) the processing is necessary for compliance with a legal obligation to which the controller is subject;
d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
In the following sections, we will provide you with the specific legal basis for the respective processing.
3. What happens on our website
When you visit our website, we process your personal data.
We use SSL or TLS encryption to provide the best possible protection against unauthorized access by third parties. You can recognize this encrypted connection by the https:// or lock symbol in the address bar of your browser.
Below you can find out what data is collected when you visit our website, for what purpose this is done and on what legal basis.
3.1 Data collection when accessing the website
When you visit the website, information is automatically stored in so-called server log files. This is the following information:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is temporarily required in order to be able to display our website to you permanently and without any problems. In particular, this data is used for the following purposes:
- System security of the website
- System stability of the website
- Troubleshooting on the website
- Establishing a connection to the website
- Presentation of the website
Data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular our interest in the functionality of the website and its security.
Where possible, this data is stored in pseudonymized form and deleted once the respective purpose has been achieved.
If the server log files make it possible to identify the data subject, the data is stored for a maximum period of 14 days. An exception is made if a security-relevant event occurs. In this case, the server log files are stored until the security-relevant event has been resolved and finally clarified.
Otherwise, no merging with other data takes place.
3.2 Cookies
3.2.1 General information
This website uses so-called cookies. This is a data record, information that is stored in the browser of your end device and is related to our website.
The use of cookies can make it easier for visitors to navigate the website.
In our cookie consent tool, you will find all information about the cookies that we use on our website (if applicable, with your consent).
3.2.2 Rejecting cookies
You can manage all cookies that are not technically necessary directly via our cookie consent tool.
You can prevent cookies from being set by adjusting your browser settings.
Here you will find the corresponding links to frequently used browsers:
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=de
Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
Microsoft Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
Safari: https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web and https://support.apple.com/de-de/guide/safari/sfri11471/mac
If you use a different browser, we recommend that you enter the name of your browser and 'delete and manage cookies' in a search engine and follow the official link to your browser.
Alternatively, you can also change your cookie settings under www.aboutads.info/choices/ or www.youronlinechoices.com manage.
However, we must point out that a comprehensive blocking/deletion of cookies can lead to impairments in the use of the website.
3.2.3 Technically necessary cookies
We use technically necessary cookies on this website to ensure that our website functions correctly and in accordance with the applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.
The legal basis for this is Art. 6 para. 1 lit. b, c and/or f GDPR, depending on the individual case.
3.2.4 Technically not necessary cookies
We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are not technically necessary.
The legal basis for this is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.
3.3 Data processing through user input
3.3.1 Own data collection
We offer the following services on our website: Booking of accommodation and events. We collect the following data for this purpose:
Name
E-mail address
Address
Phone number
The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.
The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.
3.3.2 Contact us
a) e-mail
When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and in some cases on the respective end devices. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.
b) Telephone
If you contact us by telephone, the call data may be stored in pseudonymized form on the respective end device and with the telecommunications provider used. Personal data collected during the telephone call will only be processed in order to process your request. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.
c) Contact form
We offer a contact form. This is used to contact our company.
In this form, we usually process your first and last name, your telephone number, your e-mail address, a postal address and the content of the message. The data is stored on our web server and forwarded internally to the relevant e-mail addresses.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in responding to your request and in an uncomplicated way of contacting you. If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.
We delete this data no later than 3 months after receipt, unless it is required for a contractual relationship that has arisen.
3.4 Cookie Consent Tool
3.4.1 Real Cookie Banner
We use the Real Cookie Banner consent management tool from devowl.io GmbH, Tannet 12, 94539 Grafling, Germany, to ensure that only those cookies are set on our website for which there is a legal basis.
This service is used to obtain the website visitor's consent to the storage of certain cookies in their browser or the use of certain technologies and to document them in accordance with data protection regulations.
When this website is accessed, the consent given by the website visitor or the withdrawal of consent is stored as a Real Cookie Banner cookie in the website visitor's browser. No connection to the Real Cookie Banner servers is established for this purpose.
The legal basis is Art. 6 para. 1 lit. c GDPR. Real Cookie Banner is used to obtain the legally required consent for the use of cookies.
The data collected will be stored until the website visitor requests deletion or deletes the Real Cookie Banner themselves or the purpose for storing the data no longer applies. The mandatory statutory retention periods remain unaffected by this.
3.5 Newsletter
3.5.1 Brevo
We use Brevo to provide our newsletter. This service is provided by Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany.
This service can be used to organize and analyse the sending of newsletters. The data entered to receive the newsletter is stored on Brevo's servers in Germany.
With the help of Brevo, interactions with the newsletter can be analyzed. In addition, conversion rates can be determined and newsletter users can be categorized in order to adapt the newsletter to different target groups.
You can object to this analysis via the link in every newsletter message.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.
We also use other e-mail services from Brevo to fulfill our contractual services and for customer administration. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
The data will be deleted at the end of the contract between us and Brevo, unless the website visitor withdraws their consent beforehand. If this is the case, the data will be deleted from the distribution list.
In addition, after unsubscribing from the newsletter, the e-mail address is stored on a blacklist separately from other data for an indefinite period of time. The legal basis for this is Art. 6 para. 1 lit.f GDPR. It serves the interest of the website visitor as well as our interest in using/operating a newsletter in accordance with the legal requirements.
Further details:
https://www.brevo.com/de/legal/privacypolicy/.
3.5.2 MailPoet
We use MailPoet to provide our newsletter. This service is provided by Aut O'Mattic A8C Ireland Ltd, Business Centre, No. 1 Lower Mayor Street, International Financial Services Centre, Dublin 1, Ireland with parent companies in the USA.
This service can be used to organize and analyse the sending of newsletters. The data entered to receive the newsletter is stored on MailPoet's servers in the USA.
With the help of MailPoet, interactions with the newsletter can be analyzed. In addition, conversion rates can be determined and newsletter users can be categorized in order to adapt the newsletter to different target groups.
You can object to this analysis via the link in every newsletter message.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.
We also use other email services from MailPoet to fulfill our contractual services and for customer administration. The legal basis for this is Art. 6 para. 1 lit. b GDPR.
The data will be deleted at the end of the contract between us and MailPoet, unless the website visitor withdraws their consent beforehand. If this is the case, the data will be deleted from the distribution list.
In addition, after unsubscribing from the newsletter, the e-mail address is stored on a blacklist separately from other data for an indefinite period of time. The legal basis for this is Art. 6 para. 1 lit.f GDPR. It serves the interest of the website visitor as well as our interest in using/operating a newsletter in accordance with the legal requirements.
The EU Commission's Standard Contractual Clauses (SCC) apply to data transfers to the USA.
Further details:
https://account.mailpoet.com/
https://www.mailpoet.com/mailpoet-features/
https://www.mailpoet.com/privacy-notice/
https://automattic.com/de/privacy/.
3.6 Analysis and tracking tools
3.6.1 Google Analytics
We use Google Analytics on this website. Google Analytics is a web analysis service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses cookies to recognize the user and thus analyze usage behavior. These cookies are only set with consent. Consent can be revoked at any time and managed in our cookie consent tool.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG.
The information collected here is usually transferred to a Google server in the USA and stored there.
On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Goggle LLC is certified under the EU-US Privacy Framework. However, as the Google servers are located worldwide and data transfer to third countries (e.g. Singapore) cannot be ruled out, the EU Commission's Standard Contractual Clauses (SCC) apply.
The use of Google Analytics results in IP anonymization. The IP address of the respective user is shortened on servers within the member states of the EU (or the European Economic Area) in such a way that it is no longer possible to trace it back to a natural person. In addition, Google undertakes to provide appropriate data protection via the Google Ads data processing conditions and creates an evaluation of website use and website activity and provides the services associated with use. The Google Ads Data Processing Terms apply to companies that are subject to the EU General Data Protection Regulation (GDPR) of the European Economic Area (EEA), the California Consumer Privacy Act (CCPA) or similar regulations.
An additional browser plugin can be used to prevent the information collected (such as the IP address) from being sent to Google and used by Google. The plugin and further information can be found at https://tools.google.com/dlpage/gaoptout?hl=de.
Otherwise, the storage period depends on the type of data processed. Each customer can choose how long Google Analytics stores data before it is automatically deleted. The maximum lifespan of a Goggle Analytics cookie is two years.
Further information on the use of data by Google can also be found at https://support.google.com/analytics/answer/6004245?hl=de. For all other queries, you can also contact us directly at support-deutschland@google.com turn.
3.6.2 Google Maps
We use Google Maps on this website. Google Maps is a web mapping service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When using Google Maps, the IP address is stored. This data is usually transferred to a Google server in the USA and stored there. We have no influence on this. Google may use Google Fonts for a uniform presentation. These fonts are loaded in the browser cache of the website visitor.
Google Maps uses cookies. These cookies are only set with your consent. Consent can be revoked at any time.
The legal basis is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as this consent includes access to information in the user's terminal device or the storage of cookies within the meaning of the TTDSG.
The EU Commission's Standard Contractual Clauses (SCC) apply to data transfers to the USA.
Further details:
https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/
https://policies.google.com/privacy?hl=de.
3.6.3 YouTube
We embed YouTube videos on this website. YouTube is an online video platform. This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
As soon as you start a video on our website, a connection to the YouTube servers is established. After starting a video, YouTube can set cookies on the website visitor's end device in order to save settings and preferences and subsequently display personalized advertising. The information obtained from this is also used for video statistics, to improve user-friendliness and to prevent attempted fraud.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as this consent includes access to information in the user's terminal device or the storage of cookies within the meaning of the TTDSG. This consent can be revoked at any time.
Further information:
https://policies.google.com/privacy?hl=de.
3.6.4 Google Conversion Tracking
This website uses Google Conversion Tracking. Google Conversion Tracking is a web analysis service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking uses cookies for identification. We learn the number of users and which actions were carried out on the website by the website visitors.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
The data will be deleted as soon as it is no longer required for the processing purposes.
Further details:
https://policies.google.com/privacy?hl=de.
3.6.5 Google Ads Remarketing
We use Google Ads Remarketing on this website. Google Ads Remarketing is a web analysis service. This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads Remarketing sets cookies for the following purpose: Website visitors can be assigned to a specific target group and accordingly be provided with personalized advertising.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
Further details:
https://www.google.com/settings/ads/onweb/
https://policies.google.com/technologies/ads?hl=de.
3.6.6 Google Ads
We use Google Ads on this website. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The service enables us to link advertisements in the Google search engine to certain key words and to place targeted advertisements based on existing user data. Cookies are used for conversion tracking.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
The EU Commission's Standard Contractual Clauses (SCC) apply to data transfers to the USA.
Further details:
https://privacy.google.com/businesses/controllerterms/mccs/.
3.6.7 Google AdSense
We use Google AdSense on this website. Google AdSense is a service that integrates advertisements into a website. This service is offered by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When selecting advertising, so-called "context information" (e.g. location, website content) is used in non-personalized mode. Google AdSense uses cookies to combat fraud and abuse.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
The EU Commission's Standard Contractual Clauses (SCC) apply to data transfers to the USA.
Further details:
https://privacy.google.com/businesses/controllerterms/mccs/
https://adssettings.google.com/authenticated
https://policies.google.com/technologies/ads
https://www.google.de/intl/de/policies/privacy/.
3.6.8 Google DoubleClick
We use Google DoubleClick on this website. Google DoubleClick is an online advertising service. This service is provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google DoubleClick, interest-based advertisements are displayed to website visitors throughout the Google advertising network.
Google DoubleClick uses cookies to ensure the functions of Google DoubleClick and to display interest-based advertising.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
Further details:
https://policies.google.com/technologies/ads
https://adssettings.google.com/authenticated.
3.6.9 Meta pixel
We use meta pixels on this website. Meta Pixel is a conversion tracking tool. This service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Habour, Dublin 2, Ireland.
Meta-pixel enables us to track the behavior of the website visitor after they have been redirected to the website via a Facebook ad.
Meta-Pixel uses cookies for its own advertising purposes. The data is stored and processed by Facebook so that a connection to the respective user profile can be established.
The data collected is also transferred to the USA and other third countries. The standard contractual clauses (SCC) of the EU Commission apply to data transfers to the USA.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
If personal data is collected on this website with the help of meta pixels and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Habour, Dublin 2, Ireland are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is limited exclusively to the collection and transfer of data to Facebook. There is an agreement on joint processing for this purpose:
https://www.facebook.com/legal/controller_addendum.
We are responsible for providing data protection information when using the Facebook tool and for the secure integration of the tool on the corresponding website in accordance with data protection law. Facebook, on the other hand, is responsible for the data security of its products. This means that data subjects' rights with regard to the data processed by Facebook must be asserted directly with Facebook.
Further details:
https://de-de.facebook.com/about/privacy/
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_scrnen
http://www.youronlinechoices.com/de/praferenzmanagement/
https://www.facebook.com/legal/EU_data_transfer_addendum
https://de-de.facebook.com/help/566994660333381.
3.7 Social media plugins
3.7.1 Social media elements with Shariff
Elements of social networks are integrated on this website. Shariff makes it possible to design this integration in compliance with data protection regulations.
The connection between website visitors and the social network is established after clicking a button.
This constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR and §25 para. 1 TTDSG. This consent can be revoked at any time.
This service is used to obtain the legally required consent for the use of certain technologies. This is based on the legal basis of Art. 6 para. 1 lit. c GDPR.
3.7.2 Instagram
Elements of the social network Instagram are integrated on this website. This service is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
If the social media element is activated, a direct connection is established between the website visitor and the Instagram servers and their IP address is transmitted to Instagram. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. As the website operator, we have no knowledge of the content of the transmitted data.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
If personal data is collected on this website with the help of Facebook or Instagram and forwarded to Meta, the website operator and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Habour, Dublin 2, Ireland are jointly responsible for data processing in accordance with Art. 26 GDPR. This joint responsibility is limited exclusively to the collection and transfer of data to Facebook and Instagram. There is an agreement on joint processing for this purpose:
https://www.facebook.com/legal/controller_addendum.
The website operator is responsible for providing data protection information when using the Instagram tool and for the secure integration of the tool on the corresponding website in accordance with data protection law. Facebook and Instagram, on the other hand, are responsible for the data security of their products. This means that data subjects' rights with regard to data processed by Facebook or Instagram must be asserted directly with Facebook or Instagram.
The EU Commission's Standard Contractual Clauses (SCC) apply to data transfers to the USA.
https://www.facebook.com/legal/EU_data_transfer_addendum
https://de-de.facebook.com/help/566994660333381
https://www.facebook.com/policy.php
https://instagram.com/about/legal/privacy/.
3.8 Social media profiles
In addition to our website, our company is also present on social networks. Here
we want to present our company and create the opportunity to get in touch with us.
We also use the opportunity to place advertisements and job advertisements on social media.
In the following, we provide information about which data we and the respective social network collect when you visit and
the interaction with our profile.
3.9 Facebook
We operate a Facebook fan page at https://www.facebook.com/. This social network is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
3.9.1 Interaction with our company profile
When you visit our Facebook profile and interact with us, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.
The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Facebook profile.
Insofar as an inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
3.9.2 Page Insights
As explained in the Meta Privacy Policy under "How do we use your information?" (Meta also collects and uses information to provide analytics services, known as Page Insights, for site operators. This also applies to our Facebook page.
Page insights are summarized statistics that are created based on certain interactions of visitors with pages and the content associated with them (e.g. viewing a page or a video, subscribing to a page, marking a page with "Like" or "No longer like", etc.) and are logged by the meta servers.
In connection with the Page Insights, Meta provides us with summarized statistics and insights that give us information about how people interact with our company website. We do not have access to any personal data, only to the summarized Page Insights. With the help of Page Insights, we can view anonymous statistics, e.g. the reach of our account, page views, likes, etc.. These also contain evaluations according to age, gender and location of the users (as specified by them in their respective Facebook profiles). To evaluate the reach, we can make settings or set appropriate filters with regard to the selection of a time period, the viewing of a specific post and demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific individuals.
The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can recognize how our content, our profile and our advertising are consumed. This enables us to create target group-specific content and place advertisements in order to better market our company and our services.
The processing is based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
When processing personal data in the course of the so-called Page Insights, we are jointly responsible with Facebook in accordance with Art. 26 para. 1 GDPR.
We have concluded a corresponding agreement with Facebook for this purpose, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum).
The contact details for Facebook are:
Online contact: https://www.facebook.com/help/contact/1650115808681298
Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland.
For Facebook, you can contact the data protection officer at the following link: https://www.facebook.com/help/contact/540977946302970.
Further information about the Page Insights:
https://de-de.facebook.com/help/pages/insights.
3.9.3 Processing of personal data and cookies by Meta
When you access a Facebook page, the IP address assigned to your end device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses). Facebook also stores information about the end devices of its users (e.g. as part of the "login notification" function); Facebook may thus be able to assign IP addresses to individual users. If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. Facebook buttons integrated into websites enable Facebook to record your visits to these websites and assign them to your Facebook profile. This data can be used to tailor content or advertising to you.
Information on how personal data can be managed or deleted can be found in Facebook's Privacy Center:
https://www.facebook.com/privacy/center/.
Further information on the handling of data by Facebook can be found here:
http://de-de.facebook.com/about/privacy.
3.10 Instagram
We operate an Instagram profile. This social media platform is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
3.10.1 Interaction with our company profile
When you visit our Facebook profile and interact with us, we process personal data. On the one hand, the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.
The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our Instagram profile..,
Insofar as an inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.
3.10.2 Insights
As explained in the Meta Privacy Policy under "How do we use your information?" (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta also collects and uses information to provide analytics services, known as insights, for site operators. This also applies to our Instagram profile.
Insights are summarized statistics that are created based on certain interactions of visitors with pages and the content associated with them and are logged by the meta servers. This includes the following information, among others
- How many people see and interact with our products, services or content, such as posts, videos, Facebook pages, listings, stores and advertisements (if the advertisement is shown on meta-products);
- How people interact with our content, websites, apps and services;
- Which group of people interact with our content and which group of people use our services.
Meta provides us with summarized reports and insights that tell us how well our content, features, products and services are performing.
We do not receive access to personal data, but only to the summarized reports.
To evaluate the reach, we can make settings or set appropriate filters with regard to the selection of a time period, the viewing of a specific post and demographic groupings. This data is anonymized. It is not possible for us to draw conclusions about specific individuals.
The purpose of processing this data is to analyze our reach and adapt our content and advertisements to user interests so that visitors can derive the greatest possible benefit from them. By evaluating this data, we can recognize how our content, our profile and our advertising are consumed. This enables us to create target group-specific content and place advertisements in order to better market our company and our services.
The processing is based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
When processing personal data in the course of so-called insights, the processing is carried out under joint responsibility with Meta in accordance with Art. 26 para. 1 GDPR.
We have concluded a corresponding agreement with Meta, which can be viewed here (https://www.facebook.com/legal/terms/page_controller_addendum.).
Meta's contact details are as follows:
Online contact: https://www.facebook.com/help/contact/1650115808681298
Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland.
For Facebook, you can contact the data protection officer at the following link:
https://www.facebook.com/help/contact/540977946302970.
Further information about the Insights:
https://de-de.facebook.com/help/pages/insights.
You can find Instagram's full privacy policy here:
https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
3.10.3 Processing of personal data and cookies by Meta
When you access an Instagram page, the IP address assigned to your device is transmitted to Meta. According to Meta, this IP address is anonymized (for "German" IP addresses). Meta also stores information about the end devices of its users (e.g. as part of the "login notification" function); Meta may thus be able to assign IP addresses to individual users. If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is stored on your device. This enables Meta to track that you have visited this page and how you have used it. Meta buttons integrated into websites enable Meta to record your visits to these websites and assign them to your Instagram profile. This data can be used to tailor content or advertising to you.
Further information:
https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.
3.11 Pinterest
We operate a Pinterest profile. Pinterest is offered by Pinterest Europe Ltd Palmerston House, 2nd Floor Fenian Street Dublin 2 Ireland.
3.11.1 Shared responsibility
We are jointly responsible for our profile with Pinterest. The underlying joint controlling agreement can be viewed here: https://business.pinterest.com/de/pinterest-advertising-services-agreement/rest-of-apac/.
Pinterest's data protection officer can be contacted here: https://help.pinterest.com/de/data-protection-officer-contact-form.
3.11.2 Data processing by Pinterest
When you visit our Pinterest page, Pinterest collects, among other things, log data that the browser automatically transmits when you visit the website (e.g. IP address, search history, browser type and settings, date and time of the request, etc.). Device information is also processed by Pinterest (e.g. device type, operating system).
Further information can be found at:
https://policy.pinterest.com/de/technical-information-we-collect-when-you-use-our-service and https://policy.pinterest.com/de/privacy-policy.
Pinterest can also set cookies. Some of the data processed in this way is assigned to the user's account.
Further information can be found at:
https://policy.pinterest.com/de/cookies.
3.11.3 Data processing by us
When Pinterest users communicate with us via our Pinterest profile, we receive the user's respective message (including their Pinterest user name).
We also process the comments published by users.
Our data processing serves the purpose of presenting our published content on Pinterest and communicating with users.
The legal basis for this is Art. 6 para. 1 lit. f GDPR, as we have a legitimate interest in presenting relevant information to interested users and communicating about this.
The "Pinterest Analytics" function is available to us in our Pinterest profile, which allows us to view statistical evaluations.
The data we receive from Pinterest are merely anonymous statistics about the visitors to our Pinterest profile. These statistics are not personal and do not allow any conclusions to be drawn about individual users.
3.11.4 Passing on the data
When we receive messages from users, we do not transmit the content of these messages to other recipients.
Information about the transmission of data to third parties by Pinterest can be found here:
https://policy.pinterest.com/de/privacy-policy and https://help.pinterest.com/de/article/ads-performance-reporting.
3.11.5 Storage duration
In connection with our Pinterest profile, we only store the messages that we receive when Pinterest users communicate with us via our Pinterest profile. We delete these messages at the latest after the statutory retention period has expired.
The respective storage period by Pinterest is described in their data policy at https://policy.pinterest.com/de/privacy-policy.
3.12 Third-party content
3.12.1 Google reCAPTCHA
This website uses Google reCAPTCHA. Google reCAPTCHA is a plugin provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The service makes it possible to determine whether data is entered by a human or by an automated program. This analysis begins automatically in the background as soon as the website is accessed. Various information is collected for this purpose, which is transmitted to Google. There is no indication of this analysis.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
Further details:
https://policies.google.com/privacy?hl=de
https://policies.google.com/terms?hl=de.
3.12.2 NitroPack
We use the CDN from NitroPack. This service is provided by NitroPack Ltd, 3 Prof. Georgi Bradistilov, entr. A, 3rd floor, Sofia, Bulgaria.
A Content Delivery Network (CDN) is a distributed network of servers used to deliver web content such as web pages, images and videos to users faster by providing the data from a server geographically closer to the user. This reduces load times and improves the user experience while protecting websites from high traffic loads and security threats.
For this purpose, personal data such as the IP address, device information and URL referrer are forwarded to NitroPack.
NitroPack uses variation cookies to provide optimized content correctly. Website visitors cannot be identified as a result.
The legal basis is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in increasing the security and delivery speed of our website and using a CDN.
This data is stored until the data subject requests deletion, the consent for storage is revoked or the purpose for storage no longer applies.
Further information:
https://nitropack.io/page/privacy.
3.12.3 Deepl API for translation management
https://www.deepl.com/de/pro-api?cta=header-pro-api
3.13 Affiliate marketing
3.13.1 ClickBank
We use ClickBank on our website to sell products and integrate affiliate links. ClickBank is a service of Click Sales, Inc, 1444 S. Entertainment Ave, Suite 410, Boise, Idaho 83709, USA.ClickBank is a leading global commerce platform with its own marketplace that enables you to increase your own sales with a global affiliate network. The integration of ClickBank and the use of affiliate links serve the purpose of facilitating the sale of our products and enabling us to earn a commission on sales generated by affiliate links.
ClickBank may also set cookies to improve the user experience and enable certain functions. These cookies are only set with consent, which can be revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR.
Otherwise, the data is processed on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to market our products efficiently and to generate revenue through sales and affiliate links.
It is possible that ClickBank transfers data to the USA. In such cases, ClickBank ensures that an adequate level of data protection is guaranteed in accordance with European data protection standards. ClickSales is certified according to the EU-U.S. Data Privacy Framework.
For more information about ClickBank and its privacy practices: https://support.clickbank.com/hc/en-us/articles/360004057131-ClickBank-Privacy-Policy?_ga=2.255805195.244619547.1695025593-2068446198.1695025592&_gl=1*1b9tq0h*_ga*MjA2ODQ0NjE5OC4xNjk1MDI1NTky*_ga_Q17BLCFMQX*MTY5NTAyNzc3Mi4yLjEuMTY5NTAyNzc3My4wLjAuMA..
3.13.2 Amazon PartnerNet
On our website, we use the functions of Amazon PartnerNet, a platform provided by Amazon Europe Core S.à r.l., 5 Rue Plaetis, L-2338 Luxembourg. Amazon PartnerNet enables merchants and influencers to work together and create joint marketing campaigns.
Amazon PartnerNet is Amazon's affiliate marketing program that enables content creators, publishers and bloggers to earn money by recommending Amazon products and programs. Partners use special link tools to direct their audience to these recommendations and generate revenue through qualified purchases and certain customer promotions.
Amazon collects data that is actively given to the company, e.g. name, e-mail address, payment information. Amazon also sets cookies to obtain device information, user behavior and the IP address. If the website visitor is logged into an Amazon account, the data collected is assigned to the corresponding user account.
The processing of the data enables us to provide special offers and collaborations as part of Amazon PartnerNet. The data is used to present personalized offers and information, to facilitate collaboration between retailers and influencers and to personalize and improve experiences and offers on our website.
The legal basis for this is consent pursuant to Art. 6 para. 1 lit. a GDPR, which can be revoked at any time.
We also have a legitimate interest in providing shipment tracking and attractive offers in accordance with Art. 6 para. 1 lit. f GDPR.
https://www.amazon.co.uk/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=502584.
3.13.3 Awin
We integrate the functions of Awin on our website. This is a service provided by Awin AG, Otto-Ostrowski-Straße 1A, 10249 Berlin, Germany.
Awin is a global affiliate marketing platform. This network brings together advertisers and website operators to provide a platform for advertising the products or services being promoted. In the field of affiliate marketing, advertisers are usually referred to as advertisers and website operators as publishers. Publishers place advertisements from advertisers on their websites and receive a commission if a click or sale is made.
Cookies are used to track these sales so that they can be assigned to the relevant advertisers.
Awin does not require direct identification of the user for the processing of user data, which is why only "pseudonymized" data is generally processed by Awin.
These cookies are only set with consent. This consent can be revoked at any time. The legal basis for this is Art. 6 para. 1 lit. a GDPR.
Otherwise, the data is processed on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to market our products efficiently and to generate revenue through sales and affiliate links.
Further information: https://www.awin.com/de/datenschutzerklarung
3.14 Further services
3.14.1 TranslatePress Business with Deepl API
4. What else is important
Finally, we would like to inform you in detail about your rights and how you will be informed about changes to data protection requirements.
4.1 Your rights in detail
4.1.1 Right to information in accordance with Art. 15 GDPR
You can request information as to whether your personal data is being processed. If this is the case, you can request further information on the type and manner of processing. A detailed list can be found in Art. 15 para. 1 lit. a to h GDPR.
4.1.2 Right to rectification in accordance with Art. 16 GDPR
This right includes the correction of incorrect data and the completion of incomplete personal data.
4.1.3 Right to erasure in accordance with Art. 17 GDPR
This so-called 'right to be forgotten' gives you the right, under certain conditions, to request the deletion of your personal data by the controller. This is generally the case if the purpose of the data processing no longer applies, if consent has been withdrawn or if the initial processing took place without a legal basis. A detailed list of reasons can be found in Art. 17 para. 1 lit. a to f GDPR. This "right to be forgotten" also corresponds to the controller's obligation under Art. 17 para. 2 GDPR to take reasonable measures to bring about the general erasure of data.
4.1.4 Right to restriction of processing in accordance with Art. 18 GDPR
This right is subject to the conditions set out in Art. 18 para. 1 lit. a to d.
4.1.5 Right to data portability pursuant to Art. 20 GDPR
This regulates the basic right to receive your own data in a commonly used form and to transfer it to another controller. However, this only applies to data processed on the basis of consent or a contract in accordance with Art. 20 (1) (a) and (b) and insofar as this is technically feasible.
4.1.6 Right to object pursuant to Art. 21 GDPR
In principle, you can object to the processing of your personal data. This applies in particular if your interest in objecting outweighs the legitimate interest of the controller in the processing and if the processing relates to direct marketing and/or profiling.
4.1.7 Right to "individual decision-making" pursuant to Art. 22 GDPR
In principle, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you. However, this right is also restricted and supplemented by Art. 22 (2) and (4) GDPR.
4.1.8 Further rights
The GDPR contains comprehensive rights to inform third parties whether or how you have asserted rights under Art. 16, 17, 18 GDPR. However, this is only possible or feasible with reasonable effort.
We would like to take this opportunity to draw your attention once again to your right to withdraw your consent in accordance with Art. 7 (3) GDPR. However, this does not affect the lawfulness of the processing carried out up to that point.
We would also like to draw your attention to your rights under §§ 32 ff. BDSG, which, however, are largely congruent with the rights just described.
4.1.9 Right to lodge a complaint pursuant to Art. 77 GDPR
You also have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of personal data relating to you infringes this Regulation.
5. What if the GDPR is abolished tomorrow or other changes take place?
The current status of this data protection declaration is 15.04.2024. From time to time it is necessary to adapt the content of the data protection declaration in order to react to actual and legal changes. We therefore reserve the right to amend this privacy policy at any time. We will publish the amended version in the same place and recommend that you read the privacy policy regularly.
Created with the kind support of Dieter does data protection