Privacy Policy

With the following privacy policy, we aim to inform you about the types of your personal data (hereinafter referred to as “data”) that we process, for what purposes, and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the provision of our services and particularly on our websites, mobile applications, and external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).

Date: January 21, 2024

Table of Contents:

  • Preamble
  • Controller
  • Overview of Processing Activities
  • Relevant Legal Bases
  • Security Measures
  • Transfer of Personal Data
  • International Data Transfers
  • Rights of Data Subjects
  • Use of Cookies
  • Business Services
  • Payment Processing
  • Provision of the Online Offering and Web Hosting
  • Blogs and Publication Media
  • Contact and Inquiry Management
  • Advertising Communication via Email, Post, Fax, or Phone
  • Online Marketing
  • Social Media Presences
  • Plugins and Embedded Features, as well as Content

Manager Director:

Amine Oddi

Avenue Achakar 123

90000 Tangier

Email: info@oddiprivatetours.com

Overview of Processing Activities:

The following overview summarizes the types of processed data, the purposes of their processing, and refers to the affected individuals.

Types of processed data:

  • Inventory data.
  • Payment data.
  • Location data.
  • Contact data.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication, and process data.
  • Categories of affected individuals
  • Customers.
  • Prospects.
  • Communication partners.
  • Users.
  • Business and contract partners.
  • Purposes of processing
  • Provision of contractual services and fulfillment of contractual obligations.
  • Contact inquiries and communication.
  • Security measures.
  • Direct marketing.
  • Reach measurement.
  • Tracking.
  • Office and organizational procedures.
  • Management and response to inquiries.
  • Feedback.
  • Marketing.
  • Profiles with user-related information.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.
  • Relevant Legal Bases

Relevant legal bases according to the GDPR: Below is an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the GDPR, national data protection regulations may apply in your or our country of residence or establishment. If more specific legal bases are applicable in individual cases, we will inform you in the privacy policy.

Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for a specific purpose or purposes.

Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract with the data subject or for the implementation of pre-contractual measures requested by the data subject.

Legal obligation (Art. 6(1)(c) GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.

Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring personal data protection.

National data protection regulations in Germany: In addition to the GDPR, national data protection regulations in Germany apply. This includes the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains special provisions regarding the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission, as well as automated decision-making including profiling. Additionally, state data protection laws of individual states may be applicable.

Note on the applicability of the GDPR and Swiss Data Protection Act: These data protection notices serve both as information under the Swiss Federal Data Protection Act (Schweizer DSG) and under the General Data Protection Regulation (GDPR). Therefore, please note that due to broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss DSG, such as “processing” of “personal data,” “overriding interest,” and “particularly sensitive personal data,” the terms used in the GDPR, such as “processing” of “personal data,” “legitimate interest,” and “special categories of data,” are used. However, the legal meaning of the terms continues to be determined within the scope of the applicability of the Swiss DSG.

Security Measures:

In accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the threat to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data through control of physical and electronic access to the data and the related access, input, disclosure, availability, and separation. Furthermore, we have established procedures to ensure the exercise of data subject rights, the deletion of data, and responses to data threats. We also consider the protection of personal data in the development or selection of hardware, software, and procedures in accordance with the principle of data protection, through technology design and data protection-friendly default settings.

Transmission of Personal Data:

Within the scope of our processing of personal data, it may occur that the data is transmitted to other entities, companies, legally independent organizational units, or individuals, or disclosed to them. Recipients of this data may include, for example, IT service providers or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to protect your data.

International Data Transfers:

Data processing in third countries: If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if the processing takes place in the context of using third-party services or disclosing/transferring data to other individuals, entities, or companies, this is done only in accordance with legal requirements. If the level of data protection in the third country has been recognized by an adequacy decision (Art. 45 GDPR), this serves as the basis for the data transfer. Otherwise, data transfers only take place if the level of data protection is otherwise secured, particularly through standard contractual clauses (Art. 46 para. 2 lit. c GDPR), explicit consent, or in the case of contractual or legally required transfer (Art. 49 para. 1 GDPR). In addition, we inform you about the foundations of the third-country transfer for each provider from the third country, with adequacy decisions being the primary basis. Information on third-country transfers and existing adequacy decisions can be found on the EU Commission’s information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de.

EU-US Trans-Atlantic Data Privacy Framework:

As part of the “Data Privacy Framework” (DPF), the EU Commission has also recognized the level of data protection as safe for certain companies in the USA within the framework of the adequacy decision of July 10, 2023. The list of certified companies and further information on the DPF can be found on the website of the US Department of Commerce: https://www.dataprivacyframework.gov/. We will inform you in the context of the data protection notices about which service providers certified under the Data Privacy Framework we use.

Rights of Data Subjects:

Rights of data subjects under the GDPR: As data subjects, you have various rights under the GDPR, particularly arising from Articles 15 to 21:

  • Right to Object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR, including profiling based on those provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
  • Right to Withdraw Consent: You have the right to withdraw your consent at any time.
  • Right to Information: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and further information.
  • Right to Rectification: You have the right to obtain the rectification of inaccurate personal data concerning you.
  • Right to Erasure and Restriction of Processing: You have the right to obtain the erasure of personal data concerning you without undue delay or, alternatively, the restriction of processing.
  • Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format or to request the transmission to another controller.

Complaint to a Supervisory Authority:

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Use of Cookies:

Cookies are small text files or other storage mechanisms that store information on end devices and retrieve information from end devices. For example, they can store the login status in a user account, the contents of a shopping cart in an e-shop, the accessed content, or the functions used in an online offering. Cookies can also be used for various purposes, such as ensuring the functionality, security, and convenience of online offerings, as well as analyzing visitor flows.

Consent Notice:

We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users unless it is not legally required. Consent is not necessary if storing and retrieving information, including cookies, is absolutely necessary to provide users with a telemedia service (our online offering) expressly requested by them. Cookies that are essential for the display and functionality of the online offering, load balancing, security, storing user preferences, and choices, or similar purposes related to providing the main and ancillary functions of the online offering requested by users are generally considered necessary. Revocable consent is communicated clearly to users and includes information about the respective cookie use.

Legal Basis for Processing:

The legal basis for processing personal data of users using cookies depends on whether we request the users’ consent. If users consent, the legal basis for processing their data is the declared consent. Otherwise, the data processed using cookies is based on our legitimate interests (e.g., in the operation of our online offering as a business and improving its usability) or, if the use of cookies is necessary to fulfill our contractual obligations, on the legal basis of contract fulfillment. The purposes for which we process cookies are explained in this privacy statement or as part of our consent and processing procedures.

Storage Duration:

With regard to storage duration, the following types of cookies are distinguished:

  • Temporary Cookies (Session Cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their device (e.g., browser or mobile application).
  • Permanent Cookies: Permanent cookies remain stored even after closing the device. For example, the login status can be saved or preferred content can be displayed directly when the user revisits a website. The data collected using cookies can also be used for reach measurement. Unless we provide explicit information about the type and duration of cookies (e.g., in the context of obtaining consent), users should assume that cookies are permanent and can be stored for up to two years.

General Instructions for Revocation and Objection (Opt-Out):

Users can revoke their consent and object to the processing of data in accordance with legal requirements at any time. Users can restrict the use of cookies in their browser settings (which may also limit the functionality of our online offering). Objection to the use of cookies for online marketing purposes can also be made through the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.

Legal Basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
  • Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)

Further Information on Processing Processes, Procedures, and Services:

Processing of Cookie Data Based on Consent:

We use a cookie consent management process in which users’ consent to the use of cookies, or the processing and providers mentioned within the cookie consent management process, can be obtained, managed, and revoked by users. The consent declaration is stored to avoid having to repeat the query and to be able to prove consent in accordance with legal requirements. Storage can be done server-side and/or in a cookie (so-called opt-in cookie or similar technologies) to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. A pseudonymous user identifier is created, and the time of consent, information on the scope of consent (e.g., which categories of cookies and/or service providers), as well as the browser, system, and device used, are stored. Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a GDPR).

Business Services:

We process data of our contractual and business partners, such as customers and prospects (collectively referred to as “contractual partners”), as part of contractual and comparable legal relationships and related measures and in the context of communication with contractual partners (or pre-contractually), e.g., to answer inquiries.

We process this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed-upon services, any updating obligations, and remedying warranty and other service disruptions. In addition, we process the data to assert our rights and for the purposes of the administrative tasks associated with these obligations and the organization of our business. Furthermore, we process the data on the basis of our legitimate interests in proper and business-like management and the performance of security measures to protect our contractual partners and our business operations from misuse, threats to their data, secrets, information, and rights (e.g., participation of telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers, or financial authorities). In accordance with applicable law, we only disclose the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations. Contractual partners are informed about further processing, e.g., for marketing purposes, within the scope of this data protection declaration or in the course of our consent and processing procedures.

Which data is required for the aforementioned purposes is communicated to contractual partners before or within the scope of data collection, e.g., in online forms, by special markings (e.g., colors) or symbols (e.g., asterisks), or personally.

We delete the data after the expiration of legal warranty and comparable obligations, i.e., in principle, after the expiration of 4 years, unless the data is stored in a customer account, e.g., as long as they must be kept for legal reasons due to archiving obligations. The statutory retention period for tax-relevant documents and business records, inventories, opening balance sheets, annual financial statements, management reports, required documentation for understanding these documents, and business letters received and sent, is ten years. The period for keeping records begins at the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statement, the management report, or the business letter was received or sent, and the recording was made, or the other documents were created.

If we use third-party providers or platforms to provide our services, the terms and privacy policies of the respective third-party providers or platforms apply in the relationship between users and the providers.

Processed Data Types:

  • Inventory data (e.g., names, addresses)
  • Payment data (e.g., bank details, invoices, payment history)
  • Contact data (e.g., email, phone numbers)

Contract data (e.g., subject matter of the contract, term, customer category)

  • Data Subjects:
  • Prospects

Business and contractual partners:

  • Purposes of Processing:
  • Provision of contractual services and fulfillment of contractual obligations
  • Contact inquiries and communication
  • Office and organizational procedures

Administration and answering of inquiries:

  • Legal Basis:
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR)
  • Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR)
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Additional Information on Processing Processes, Procedures, and Services:

Agency Services:

We process the data of our customers within the scope of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting, campaign implementation and processes, handling, server administration, data analysis/consulting services, and training services. Legal basis: Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR).

Payment Methods

In the context of contractual and other legal relationships, based on legal obligations, or otherwise on the basis of our legitimate interests, we offer efficient and secure payment options to the individuals concerned. To achieve this, we utilize various service providers, collectively referred to as “payment service providers,” in addition to banks and credit institutions.

The data processed by payment service providers includes inventory data such as names and addresses, banking data such as account numbers or credit card numbers, passwords, TANs, checksums, as well as contract, amount, and recipient-related information. This information is necessary to carry out transactions. However, the entered data is processed and stored only by the payment service providers. In other words, we do not receive account- or credit card-related information but only information confirming or denying the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies for identity and credit checks. For further details, we refer you to the terms and privacy policies of the payment service providers.

The terms and privacy policies of the respective payment service providers, available on their websites or transaction applications, apply to payment transactions. We also refer to them for additional information and the exercise of withdrawal, information, and other data subject rights.

Processed Data Types:

  • Inventory data (e.g., names, addresses)
  • Payment data (e.g., bank details, invoices, payment history)
  • Contract data (e.g., subject matter of the contract, term, customer category)
  • Usage data (e.g., visited websites, interest in content, access times)

Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

  • Data Subjects:
  • Customers

Prospects

  • Purposes of Processing:

Provision of contractual services and fulfillment of contractual obligations

  • Legal Basis:
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b GDPR)

Additional Information on Processing Processes, Procedures, and Services:

PayPal: Payment Services (Technical Integration of Online Payment Methods)

Providing the Online Offer and Web Hosting

We process user data to provide our online services. For this purpose, we process the user’s IP address, which is necessary to transmit the content and functions of our online services to the user’s browser or device.

Processed Data Types:

  • Usage data (e.g., visited websites, interest in content, access times)
  • Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

Content data (e.g., inputs in online forms)

  • Data Subjects:

Users (e.g., website visitors, users of online services)

  • Purposes of Processing:
  • Providing our online offer and user-friendliness
  • Information technology infrastructure (operation and provision of information systems and technical devices, such as computers, servers, etc.)

Security measures:

  • Legal Basis:
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Additional Information on Processing Processes, Procedures, and Services:

Collection of Access Data and Log Files:

Access to our online offering is logged in the form of “server log files.” Server log files may include the address and name of the accessed websites and files, date and time of access, transferred data volumes, success message of the access, browser type and version, user’s operating system, referrer URL (the previously visited page), and usually IP addresses and the requesting provider. Server log files may be used for security purposes, such as avoiding server overload (especially in the case of abusive attacks, such as DDoS attacks) and ensuring the load and stability of the servers.

  • Legal Basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Deletion of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that needs to be kept for evidence purposes is excluded from deletion until the final clarification of the respective incident.

  • Service Providers:
  • STRATO: Services in the field of providing information technology infrastructure and related services (e.g., storage space and/or computing capacities)
    • Service Provider: STRATO AG, Pascalstraße 10, 10587 Berlin, Germany
    • Legal Basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)
    • Website: https://www.strato.de
    • Privacy Policy: https://www.strato.de/datenschutz
    • Data Processing Agreement: Provided by the service provider.
  • WordPress.com: Hosting and software for the creation, provision, and operation of websites, blogs, and other online offerings

Blogs and Publishing Media

We use blogs or similar means of online communication and publication (hereinafter referred to as “publication medium”). The data of readers is processed for the purposes of the publication medium only to the extent necessary for its display and communication between authors and readers or for security reasons.

Processed Data Types:

  • Inventory data (e.g., names, addresses)
  • Contact data (e.g., email, phone numbers)
  • Content data (e.g., inputs in online forms)
  • Usage data (e.g., visited websites, interest in content, access times)

Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

  • Data Subjects:

Users (e.g., website visitors, users of online services)

  • Purposes of Processing:
  • Provision of contractual services and fulfillment of contractual obligations
  • Feedback (e.g., collecting feedback via online forms)
  • Providing our online offer and user-friendliness
  • Security measures

Administration and response to inquiries:

  • Legal Basis:
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Additional Information on Processing Processes, Procedures, and Services:

Comments and Contributions:

If users leave comments or other contributions, their IP addresses may be stored on the basis of our legitimate interests. This is done for our security in case someone leaves unlawful content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we can be held liable for the comment or contribution and are therefore interested in the identity of the author. Furthermore, we reserve the right to process the information provided by users for spam detection based on our legitimate interests. On the same legal basis, we reserve the right to store the IP addresses of users for the duration of surveys and use cookies to avoid multiple votes.

The information about the person provided in the context of comments and contributions, including any contact and website information, as well as the content-related information, is stored by us permanently until users object.

  • Legal Basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Contact and Inquiry Management

When contacting us (e.g., by post, contact form, email, telephone, or via social media) and within existing user and business relationships, the details of the inquiring individuals are processed to the extent necessary to respond to the contact inquiries and any requested measures.

Processed Data Types:

  • Contact data (e.g., email, phone numbers)
  • Content data (e.g., inputs in online forms)
  • Usage data (e.g., visited websites, interest in content, access times)

Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

  • Data Subjects:

Communication partners:

  • Purposes of Processing:
  • Contact inquiries and communication
  • Administration and response to inquiries
  • Feedback (e.g., collecting feedback via online forms)

Providing our online offer and user-friendliness

  • Legal Basis:
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Advertising Communication via Email, Post, Fax, or Telephone

We process personal data for the purpose of advertising communication, which can be carried out through various channels such as email, telephone, post, or fax, in accordance with legal requirements.

Recipients have the right to revoke granted consents or object to advertising communication at any time.

After revocation or objection, we store the data necessary to prove the previous authorization for contact or mailing for up to three years after the end of the year of revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of potential defense against claims. Based on the legitimate interest of permanently considering the users’ revocation or objection, we also store the data required to prevent renewed contact (e.g., email address, phone number, name).

Online Marketing

We process personal data for the purpose of online marketing, including the marketing of advertising space or the display of advertising and other content (collectively referred to as “content”) based on potential user interests and the measurement of their effectiveness.

For these purposes, user profiles are created and stored in a file (known as a “cookie”) or similar methods are used to store information relevant to the user for the display of the aforementioned content. This information may include viewed content, visited websites, used online networks, as well as communication partners and technical details such as the browser used, the computer system, usage times, and used functions. If users have consented to the collection of their location data, this information may also be processed.

IP addresses of users are also stored. However, we use available IP masking procedures (i.e., pseudonymization by shortening the IP address) to protect users. Generally, no clear data of users (such as email addresses or names) is stored within the online marketing process, only pseudonyms. In other words, neither we nor the providers of the online marketing processes know the actual identity of the users, only the information stored in their profiles.

The information in the profiles is usually stored in cookies or similar methods. These cookies can also be read on other websites that use the same online marketing process, analyzed for the purpose of displaying content, supplemented with additional data, and stored on the server of the online marketing process provider.

In exceptional cases, clear data can be assigned to the profiles. This occurs when users, for example, are members of a social network whose online marketing process we use, and the network connects the user profiles with the aforementioned information. Please note that users can make additional agreements with the providers, for example, through consent during registration.

We generally only have access to aggregated information about the success of our advertisements. However, through conversion tracking, we can analyze which of our online marketing processes have led to a so-called conversion, such as the conclusion of a contract with us. Conversion tracking is solely used to analyze the success of our marketing measures.

Unless otherwise stated, it should be assumed that cookies used are stored for a period of two years.

Processed Data Types:

  • Usage data (e.g., visited websites, interest in content, access times)
  • Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

Data Subjects:

  • Users (e.g., website visitors, users of online services)

Purposes of Processing:

  • Reach measurement (e.g., access statistics, recognition of recurring visitors)
  • Tracking (e.g., interest/behavioral profiling, use of cookies)
  • Marketing
  • Creating user profiles

Security Measures:

  • IP-Masking (Pseudonymization of the IP address)

Opt-Out Option:

Presence in Social Networks (Social Media)

We maintain online presences within social networks and process user data for the purpose of communicating with active users on these platforms or providing information about us.

Please note that data of users may be processed outside the European Union, which may pose risks for users, such as complicating the enforcement of user rights.

User data within social networks is generally processed for market research and advertising purposes. Usage profiles can be created based on user behavior and resulting interests. These profiles can be used to display advertisements within and outside the networks, which are likely to correspond to the users’ interests. Cookies are typically stored on users’ devices for these purposes, containing information about usage behavior and interests. Additionally, data can be stored in user profiles independently of the devices used by the users (especially if users are members of the respective platforms and are logged in).

For detailed information on processing methods and opt-out options, please refer to the privacy policies and information provided by the operators of the respective networks.

In the case of inquiries and the exercise of data subject rights, users are advised that these are most effectively addressed to the respective providers, as only the providers have access to user data and can take appropriate measures and provide information.

Processed Data Types:

  • Contact data (e.g., email, phone numbers)
  • Content data (e.g., inputs in online forms)
  • Usage data (e.g., visited websites, interest in content, access times)
  • Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)

Data Subjects:

  • Users (e.g., website visitors, users of online services)

Purposes of Processing:

  • Contact inquiries and communication
  • Feedback (e.g., collecting feedback via online forms)
  • Marketing

Legal Basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Additional Information on Specific Platforms:

Instagram:

Facebook Pages:

Plugins and Embedded Functions, as well as Content

We integrate functional and content elements into our online offering, which are obtained from the servers of their respective providers (hereinafter referred to as “third-party providers”). This may include graphics, videos, or maps (collectively referred to as “content”).

The integration always requires that the third-party providers of this content process the IP address of the users since they could not send the content to their browser without the IP address. The IP address is therefore necessary for the presentation of this content or functions. We strive to only use content for which the respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. “Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring web pages, visit time, as well as other information about the use of our online offering, and may also be linked to such information from other sources.

Processed Data Types:

  • Usage data (e.g., visited websites, interest in content, access times)
  • Meta-, communication, and process data (e.g., IP addresses, timestamps, identification numbers, consent status)
  • Location data (information about the geographical position of a device or person)

Data Subjects:

  • Users (e.g., website visitors, users of online services)

Purposes of Processing:

  • Provision of our online offering and user-friendliness

Legal Basis:

  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR)

Additional Information on Specific Services:

Google Maps: