With this data protection declaration we would like to inform you about the type, scope and purpose of the processing of personal data on our website. Personal data are all data that have a personal relationship with you, e.g. B. Name, address, email address or user behavior.

Responsible for data processing is:

Web hosting

In order to maintain our online presence, we use an Internet service provider whose server the website is stored on (hosting) and who makes our website available on the Internet. The Internet service provider processes contact data, content data, contract data, usage data, inventory data as well as meta and communication data on our behalf. Legal basis: The legal basis for the processing described above is our legitimate interest in the efficient and secure provision of our online offer, Art. 6 Para. 1 lit. f GDPR i. V. m. Art. 28 GDPR (order processing contract).

If you only use our website for information purposes, our internet service provider will only collect the personal data, which the browser you are using transmits to its server. This is the following data:

Cookies

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are stored and saved on the device you are using.Cookies neither transmit viruses nor can they run programs. Rather, they serve primarily to exchange information between the end device you use and our website, in order to make our website more user-friendly and effective for you. A distinction must be made between temporary (transient) cookies and persistent cookies. Transient cookies include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This means that our website recognizes your computer when you return to our website. The session cookies are deleted when you log out or close your browser. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You have the option to delete these cookies at any time in the security settings of your browser.

Cookies are used to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. In particular, information about language settings or log-in information can be stored in these cookies.

Our legitimate interest in data processing lies in the above purposes. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR.

Since the cookies are stored on your computer, you as the user have full control over the use of cookies. You can use your browser's security settings to determine whether cookies are stored at all. For example, you can accept cookies from the outset or only on request, or you can specify that cookies are deleted each time you close your browser. If cookies are deactivated for our website, it may not be possible to use all functions of the website to their full extent.

Message validity / cancellation

We delete or block your personal data as soon as the purpose of storage has been achieved or no longer applies. Any further storage will only take place if this is given to us by national or European regulations. In this case, the data will be blocked or deleted if the storage period prescribed in the respective regulations has expired, unless we need your data to fulfill a contract concluded between us or if this is necessary to assert, exercise or defend legal claims ,

Contact via the contact form, email, social media or telephone

Scope: Insofar as you use the contact form offered on our website or contact us by email, phone or social media and provide us with personal data, this data is automatically stored and processed by us in order to process your request. This data is only processed for correspondence with you. The data is transmitted via an encrypted SSL connection. Your data will not be passed on to third parties.Purpose: We need your name so that we can address you in our answer. We need your email address in order to be able to answer your request. We need your telephone number in order to be able to respond to your callback request. Legal basis: The legal basis for the above-described use of the data is Art. 6 Para. 1 lit. a GDPR deletion: The personal data we collect will be deleted if it is no longer required. We check the necessity every 2 years. You can also revoke the data processing at any time. Prevention: You can prevent the storage and processing of your personal data by refraining from using the contact form.

Guest book

You have the opportunity to register in our digital guest book. Since we may be liable for any infringing content (insulting, criticism, incitement, depiction of violence, etc.) of your comment, we store your IP address for a period of 7 days so that we can determine your identity if necessary. Legal basis: The legal basis for the storage of your data is Art. 6 Para. 1 lit. f GDPR. Deletion: The data we collect and transfer in this way will be automatically deleted after 14 days. Prevention: You can prevent the IP address from being saved by leaving no comments.

Online booking

If you use our website to make a booking, we need certain data in order to process your booking. This includes in particular your name and your address and electronic contact details, information on the processing of the payment process and the services used. We store this data. Specifically, we use the data you send us in particular

• To identify you as our customer,
• To process, fulfill and process your booking,
• get in touch with you
• Invoicing you
• to be able to process any liability claims,
• to be able to assert contractual claims against you.

We only pass on your personal data to third parties if:

• the disclosure according to Art. 6 Para. 1 S. 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
• according to Art. 6 Para. 1 S. 1 lit. c GDPR there is a legal obligation,
• this according to Art. 6 para. 1 sentence 1 lit. b GDPR is necessary for the processing of the contract concluded with you (e.g. transfer of the data to the logistics company responsible for the delivery or for the purpose of payment processing).

In addition, your personal data will not be passed on to third parties without your express consent. If we pass on your personal data to third parties, we limit the scope of the transmitted data to the necessary minimum.

When you make a booking, register for a user account or log in again, we save your IP address and the time of the respective user action. The purpose of storage is our but also your legitimate interests in protection against misuse and other unauthorized use. The legal basis for this is Art. 6 Para. 1 lit. c GDPR. This data will not be passed on to third parties unless the disclosure is necessary to pursue our claims or there is a legal obligation to do so in accordance with. Art. 6 para. 1 lit. c GDPR.

Purpose: The processes and interests described above represent the purpose of storing the data. Legal basis: We support the processing of your data in the above processes on the following legal basis:

• Insofar as we obtain your consent for processing, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
• In the processing that serves to fulfill a contract concluded with you, Art. 6 Para. 1 lit. b GDPR legal basis. This also applies to the processing operations required to carry out pre-contractual measures.
• Insofar as processing is necessary to fulfill a legal obligation to which we are subject, Art. 6 para. 1 lit. c GDPR as the legal basis.
• In the event that vital interests make processing necessary for you or another natural person, Art. 6 Para. 1 lit. d GDPR serves as the legal basis.
• If processing is necessary to safeguard one of our legitimate interests or a third party and your interests, fundamental rights and freedoms do not outweigh the former interest, Art. 6 Para. 1 lit. f GDPR as the legal basis for processing.

Deletion : Due to commercial and tax law requirements, we are obliged to save your address, payment and order data for a period of 10 years. After expiry of the statutory warranty rights (2 years), however, we restrict processing so that your data is only used to comply with legal obligations.

Your rights as a user of our online presence according to the GDPR

According to the GDPR, you have the rights listed below, which you can assert at any time from the person named in section 1 of this data protection declaration:

• Right to information: According to Art. 15 GDPR, you can request confirmation as to whether and which personal data we process about you.In addition, you can get free information from us about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or opposition , the existence of a right to lodge a complaint and the origin of your data, unless it was collected from us. You also have a right to information as to whether your personal data has been transferred to a third country or to an international organization. If this is the case, you have the right to receive information about the appropriate guarantees in connection with the transmission.
• Right to correction: According to Art. 16 GDPR, you can request the correction of inaccurate or incomplete personal data stored by us and concerning you.
• Right to deletion: According to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, insofar as we do not need their processing for the following purposes:
  • to fulfill a legal obligation,
  • to assert, exercise or defend legal claims,
  • to exercise the right to freedom of expression and information or
  • for reasons of the public interest mentioned in Art. 17 Para. 3 lit c and d GDPR.
• Right to restriction: According to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data if
  • the accuracy of the data is contested by you for a period of time that enables us to check the accuracy of the personal data,
  • the processing of your data is unlawful, but you refuse to delete it and instead request that the use of the data be restricted,
  • we no longer need the personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims
  • You have lodged an objection to the processing of your data in accordance with Art. 21 GDPR, but it has not yet been determined whether the legitimate reasons that entitled us to further processing despite your objection outweigh your rights.
• Right to information: If you have asserted the right to correction, deletion or restriction of processing against us, we are obliged to all recipients to whom the personal data concerning you have been disclosed, the correction or deletion of the data requested by you or their data Notify restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed by us about these recipients.
• Right to data portability: According to Art. 20 GDPR, you can request that we receive the personal data relating to you that you have provided to us in a structured, common and machine-readable format or that we request transmission to another person responsible.
• Right to lodge a complaint: According to Art. 77 GDPR, you have the right to complain to a supervisory authority. For this you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

Withdrawal

According to Art. 7 Para. 3 GDPR, you have the right to revoke your consent to the processing of your data at any time. The revocation you have made does not change the legality of the processing of your personal data prior to the revocation.

Right to object

You have the right to object to the processing of your personal data at any time, for reasons that arise from your particular situation, based on a balance of interests (Article 6 (1) (f) GDPR). This is particularly the case if data processing is not required to fulfill a contract. If you exercise your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can demonstrate to you that compelling legitimate reasons for data processing outweigh your interests and rights.

Regardless of the above, you have the right to object to the processing of your personal data for advertising and data analysis purposes at any time.

Please direct your objection to the contact person of the person responsible given above.

Google Maps

On our website we use components from "Google Maps", a service of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter referred to as: "Google").

Google Maps visually displays geographic information. The visitor's IP address is collected and processed by Google. This is transmitted to Google regardless of whether Google Maps is actually used or you are logged into your Google Account.Your IP address will be assigned to your Google account if you are logged in to it when you visit our website. This data is transmitted to external Google servers in the USA. Google is a participant in the Privacy Shield Agreement and certified for data processing according to European standards. Google may pass on this data collected via the technical process to third parties. Purpose: The integration of Google Maps serves the simplified visualization and navigation during a visit to our location. Google processes data for the purposes of advertising, market research, the design of the website and the provision of needs-based advertising. Legal basis: The legal basis for the above-described use of the data is Art. 6 Para. 1 lit. f GDPR. Prevention: You can prevent the assignment of the data by not using Google Maps on our website and logging out of your Google account before your visit. You can also deactivate JavaScript in your browser to prevent map display.We also refer to Google's data protection regulations at the following link http://www.google.com/intl/de_de/help/terms_maps.html

Third Party Information:

Registered office within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

• Privacy policy: http://www.google.com/intl/de_de/help/terms_maps.html

Safety measures

We also take state-of-the-art technical and organizational security measures to comply with data protection law regulations and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

Up-to-dateness and change of this data protection declaration

This data protection declaration is currently valid and has the status of June 2019. Due to changes in legal or official requirements, it may be necessary to adapt this data protection declaration.