Privacy Policy
General Notice and Mandatory Information
Designation of the responsible entity
The responsible data processing unit on this website is:
Travel Hidden Gems – Toni Moser
Toni Moser
Egkstraße, 10
91074 Herzogenaurach
The responsible entity decides alone or jointly with others on the purposes and means of processing personal data (e.g., names, contact details, etc.).
Revocation of your consent to data processing
Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. An informal message by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to complain to the competent supervisory authority
As the data subject, you have a right to complain to the competent supervisory authority in the event of a data protection breach. The competent supervisory authority regarding data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
Right to access, rectification, blocking, erasure
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, the origin of the data, its recipients, and the purpose of data processing and, if necessary, a right to rectification, blocking, or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data you transmit via this website is not readable by third parties. You can recognize an encrypted connection in the “https://” address line of your browser and by the lock symbol in the browser line.
Server log files
In server log files, the website provider automatically collects and stores information that your browser automatically transmits to us. These are:
- Visited page on our domain
- Date and time of the server request
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Registration on this website
To use certain features, you can register on our website. The transmitted data serves solely for the purpose of using the respective offer or service. Required information requested during registration must be provided in full. Otherwise, we will reject the registration.
In the case of important changes, for technical reasons, for example, you will be informed via email. The email will be sent to the address given during registration.
The processing of the data entered during registration is based on your consent (Art. 6 (1) (a) DSGVO). A revocation of your already given consent is possible at any time. For the revocation, an informal message by e-mail is sufficient. The legality of the already completed data processing operations remains unaffected by the revocation.
We store the data collected during registration for the period you are registered on our website. Your data will be deleted should you cancel your registration. Legal retention periods remain unaffected.
Contact form
Data submitted via the contact form, including your contact details, will be stored to process your inquiry or to be available for follow-up questions. This data will not be passed on without your consent.
The processing of the data entered into the contact form is exclusively based on your consent (Art. 6 (1) (a) GDPR). A revocation of your already given consent is possible at any time. An informal message by email is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it, or there is no longer any need to store the data. Mandatory statutory provisions – in particular retention periods – remain unaffected.
Newsletter data
To send our newsletter, we need an email address from you. Verification of the specified email address is necessary and the receipt of the newsletter is to be consented to. Additional data is not collected or is voluntary. The use of the data takes place exclusively for the dispatch of the newsletter.
The data provided in the newsletter registration are processed exclusively based on your consent (Art. 6 (1) (a) GDPR). A revocation of your already given consent is possible at any time. For the revocation, an informal message by email is sufficient or you unsubscribe via the “unsubscribe” link in the newsletter. The legality of the already completed data processing operations remains unaffected by the revocation.
Data entered to set up the subscription will be deleted in the case of unsubscription. If these data have been transmitted to us for other purposes and elsewhere, they will remain with us.
CookieYes
Nature and scope of processing
We use the CookieYes service to manage the consent of our website visitors for cookie storage and to comply with legal requirements for the use of cookies. CookieYes is a consent management tool provided by Mozilor Technologies Ltd.
When you visit our website, a CookieYes cookie is stored in your browser to record your consent(s) or the revocation of your consent(s). This allows our website to remember your consent preferences and ensure that we comply with them.
Purpose and legal basis
The use of CookieYes is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG. You have the right to revoke your consent at any time, which does not affect the legality of the processing based on the consent until the revocation.
Storage duration
The cookies set by CookieYes have a variable lifespan, depending on the type of cookie and the settings you have made. You can view the exact storage duration of individual cookies in the cookie settings on our website.
Further information on the use of data by CookieYes can be found in the privacy policy of CookieYes: https://www.cookieyes.com/privacy-policy/.
Cloudflare CDN
Nature and scope of processing
We use Cloudflare CDN to properly deliver the content of our website. Cloudflare CDN is a service of Cloudflare, Inc., which acts as a content delivery network (CDN) on our website.
A CDN helps to provide content of our online offering, especially files such as graphics or scripts, with the help of regionally or internationally distributed servers faster. When you access these contents, you establish a connection to servers of Cloudflare, Inc., whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Cloudflare CDN.
Purpose and legal basis
The use of the content delivery network is based on our legitimate interests, i.e., interest in a secure and efficient provision and optimization of our online offer according to Art. 6 (1) (f) GDPR.
We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed on alternative appropriate safeguards within the meaning of Art. 44 et seq. GDPR with the recipients of the data. These are – unless otherwise indicated – EU Commission’s standard contractual clauses according to Implementing Decision (EU) 2021/914 of4 June 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.
Storage duration
The specific storage duration of the processed data cannot be influenced by us but is determined by Cloudflare, Inc. Further information can be found in the privacy policy for Cloudflare CDN: https://www.cloudflare.com/privacypolicy/.
WP Google Maps
Nature and scope of processing
We use WP Google Maps on our website to embed map content. WP Google Maps is a WordPress plugin that allows interactive maps to be directly displayed on our website. Using WP Google Maps may result in data being transmitted to Google, such as your IP address and which page you have visited.
Purpose and legal basis
The use of WP Google Maps is for the purpose of making our online offerings more appealing and to facilitate the location of places specified by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
Storage duration
The specific storage duration of processed data cannot be influenced by us but is determined by Google. For more information on data processing by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy.
If you do not want Google to collect, process, or use data about you via our website, you can disable JavaScript in your browser settings. However, you will not be able to use our map functions, or only to a limited extent.
Entschuldige das Versehen. Der Teil über WP Google Maps (oder WP Go Maps) wurde in der vorherigen Antwort nicht vollständig behandelt. Hier ist der ergänzende Text für die Datenschutzerklärung in Englisch, basierend auf den vorherigen Abschnitten:WP Google Maps
Nature and scope of processing
We use WP Google Maps on our website to embed map content. WP Google Maps is a WordPress plugin that allows interactive maps to be directly displayed on our website. Using WP Google Maps may result in data being transmitted to Google, such as your IP address and which page you have visited.
Purpose and legal basis
The use of WP Google Maps is for the purpose of making our online offerings more appealing and to facilitate the location of places specified by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
Storage duration
The specific storage duration of processed data cannot be influenced by us but is determined by Google. For more information on data processing by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy.
If you do not want Google to collect, process, or use data about you via our website, you can disable JavaScript in your browser settings. However, you will not be able to use our map functions, or only to a limited extent.
Google Maps
Nature and scope of processing
We use the Google Maps service for creating directions. Google Maps is a service of Google Ireland Limited, which displays a map on our website. When you access these contents of our website, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. These data are processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google Maps.
Purpose and legal basis
The use of Google Maps is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed on alternative appropriate safeguards within the meaning of Art. 44 et seq. GDPR with the recipients of the data. These are – unless otherwise indicated – EU Commission’s standard contractual clauses according to Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.
In addition, before such a transfer to a third country, we obtain your consent according to Art. 49 (1) sentence 1 lit. a GDPR, which you provide via the consent manager (or other forms, registrations, etc.). We inform you that there may be unknown risks associated with third country transfers (e.g., processing of data by security authorities of the third country, whose exact scope and consequences for you we do not know, over which we have no influence, and of which you may not be aware).
Storage duration
The specific storage duration of the processed data cannot be influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Maps: https://policies.google.com/privacy.
If you do not want Google to collect, process, or use data about you in the context of WP Google Maps, you can disable JavaScript in your browser settings. However, in this case, you will not be able to use our maps, or only to a limited extent.
Google Web Fonts
Nature and scope of processing
We use Google Fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as a service to provide fonts for our online offering. To obtain these fonts, you establish a connection to servers of Google Ireland Limited, whereby your IP address is transmitted.
Purpose and legal basis
The use of Google Fonts is based on your consent according to Art. 6 (1) (a) GDPR and § 25 (1) TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. In cases where there is no adequacy decision by the European Commission (e.g., in the USA), we have agreed on alternative appropriate safeguards within the meaning of Art. 44 et seq. GDPR with the recipients of the data. These are – unless otherwise indicated – EU Commission’s standard contractual clauses according to Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.
In addition, before such a transfer to a third country, we obtain your consent according to Art. 49 (1) sentence 1 lit. a GDPR, which you provide via the consent manager (or other forms, registrations, etc.). We inform you that there may be unknown risks associated with third country transfers (e.g., processing of data by security authorities of the third country, whose exact scope and consequences for you we do not know, over which we have no influence, and of which you may not be aware).
Storage duration
The specific storage duration of the processed data cannot be influenced by us but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Fonts: https://policies.google.com/privacy.