1. Data protection at a glance
Data collection on our website
Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website owner. You can find his contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by you providing it to us. This may be, for example, data that you enter in a contact form or booking form.
Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page view). This data is collected automatically as soon as you visit our website.
What do we use your data for?
Automatically collected data is used to ensure error-free provision of the website. Furthermore, data transmitted to us will be used exclusively for the provision of services in accordance with our terms and conditions of brokerage.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have a right to request the correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Third-party analytics and tools
As a responsible company, we do not engage in behavioral tracking or user profiling of our customers or website visitors. No analytics tools or third-party tools are used to analyze your browsing behavior.
2 General notes and mandatory information
We would like to point out that data transmission on the Internet (e.g. unencrypted communication by e-mail) may have security vulnerabilities. Complete protection of the data against access by third parties is not possible.
Note on the responsible party
The responsible party for data processing on this website is:
IMM Reiseservice KG
Phone: +49 7152 948596
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal message by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the data subject shall have a right of appeal to the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Service/Kontakt/Kontaktfinder/kontaktfinder_node.html.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
Objection to advertising e-mails
The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information materials is hereby contradicted. The owner of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
3. Data collection on our website
The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
The cookies we use all fall under the category of technically necessary cookies. Most of them are so-called “session cookies”, which store certain settings of the website visitor (e.g. the shopping cart or language settings).
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. In case of complete deactivation of cookies, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website owner has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Other cookies (e.g. tracking cookies to analyze your surfing behavior) do not apply.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is not merged with other data sources.
The basis for the data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Contact, inquiry and booking form
If you send us inquiries via contact, inquiry and booking form, your data from the form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.
The processing of the data entered in the contact form is therefore based exclusively on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. For this purpose, an informal message by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures. We collect, process and use personal data about the use of our Internet pages (usage data) only to the extent necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transfer upon conclusion of a contract for services and digital content
We transmit personal data to third parties only if this is necessary for the processing of the contract, for example, to the credit institution entrusted with the processing of payments. Furthermore, we transmit necessary personal data to our service partner TrustedShops to give our customers the opportunity to submit customer reviews and vacation home ratings.
A further transmission of the data does not take place or only if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for the data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
4. Social media
Share content via plugins (Facebook, Google+1, Twitter & Co.)
The content on our pages can be shared in social networks such as Facebook, Twitter or Google+ in a privacy-compliant manner. In order to prevent the visit to our website from being comprehensively recorded and evaluated by providers of social media / social sharing functions, we use the “Shariff script” developed by c’t/heise.de for sharing on Facebook, Twitter and Google Plus.
With Shariff, you can use social media without unnecessarily compromising your privacy. The c’t project Shariff replaces the usual share buttons of social networks and protects your surfing behavior from prying eyes. Nevertheless, a single click on the button is enough to share information with others. You don’t need to do anything else for this – the webmaster has already taken care of everything.
The usual social media buttons transmit user data to Facebook & Co. with every page view and give the social networks precise information about your surfing behavior (user tracking). You do not need to be logged in or a member of the network to do this. In contrast, a shariff button establishes direct contact between the social network and the visitor only when the latter actively clicks on the share button.
In this way, Shariff prevents you from leaving a digital trail on every page you visit and improves data protection. Then you can like, +1, or tweet as you see fit – that’s all the information the social network gets.
The display of “Likes” comes from the operator of the page with the buttons, thanks to Shariff. Because Shariff is integrated by the webmaster, you as a visitor do not have to do anything else.
More information about the Shariff social media buttons can be found at: https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
5. Usage of OpenStreetMap
This website uses the Leaflet API, a mapping service that allows OpenStreetMap – the open source alternative of Google Maps – to be embedded into the website. For the correct display it is necessary from a technical point of view to make requests to other servers. Through these requests, it would be possible in principle that information about your use of this website (including your IP address) is transmitted to other servers and stored there. The other servers are limited to openstreetmap.de (map layers) and unpkg.com (leaflet files) after analyzing the developer tools.
Openstreetmap is used in the interest of enhancing our online offering. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
For more information on OpenStreetMap, visit https://www.openstreetmap.de. For more information on the API Leaflet used, please visit https://www.leafletjs.com