Scope
This data protection declaration informs users about the nature, scope and purpose of the collection and use of personal data by the responsible provider
Ebertor Hotelbetriebsgesellschaft mbH
Heerstraße 172
D-56154 Boppard
+49 6742 8070
info@ebertor.de
on this website (hereinafter referred to as the "Offer"). The legal basis for data protection can be found in the General Data Protection Regulation (DSGVO) and the German Telemedia Act (TMG).
Access data/ Server log files
The provider (or its web space provider) collects data about each access to the offer (so-called server log files) for statistical analysis for the purpose of operation, security and optimization of the offer. The access data includes:
- Name of the accessed website
- Date and time of the server request
- browser type and browser version
- operating system used
- IP address and the requesting provider
- Referrer URL (Internet address of the previously visited page)
- Name of the retrieved file and amount of data transferred
- Message whether the retrieval was successful
The provider reserves the right to check the log data subsequently if there is a justified suspicion of unlawful use based on concrete indications.
This data is not merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
A complete protection of your data against access by third parties cannot be guaranteed during data transmission on the Internet (e.g. e-mail communication) due to possible security gaps.
Handling of personal data
When using the website, confidential, personal data is collected that may enable personal identification. This includes, for example, name, telephone number, address, as well as all data that you transmit to us during registration, payment processing, execution of a contract and when creating your customer account.
SSL encryption
To protect the security of your personal data during transmission, we use SSL encryption (Secure Socket Layer).
Cookies
Cookies are small text files that enable specific information related to the device to be stored on the user's access device. On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, they serve to collect statistical data on website usage and to be able to analyze it for the purpose of improving the offer. Basically, a distinction is made between two different types of cookies, so-called session cookies that are deleted as soon as you close your browser and cookies that are stored on your terminal device until you delete them. Users can influence the use of cookies. Most browsers have an option with which the storage of cookies can be restricted or completely prevented. However, we would like to point out that our website and service will only function to a limited extent if you prevent the use of cookies.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services.
You can manage many online ad cookies from companies via the US site aboutads.info/choices or the EU site youronlinechoices.com/uk/your-ad-choices.
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data is summarised in a user ID and assigned to the respective end device of the website visitor.
Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Furthermore, Google Analytics uses various modelling approaches to supplement the data records collected and uses machine learning technologies in the data analysis. Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there. The use of this service is based on your consent according to Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/
Browser plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on how Google Analytics handles user data, please see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
Order processing
We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Integration of third-party services and content
It may happen that third-party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites are integrated within this offer. This always requires that the providers of this content (hereinafter referred to as "third-party providers") perceive the IP address of the user. Without the IP address, they could not send the content to the browser of the respective user. The IP address is thus necessary for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we inform the users about it.
Use of JavaScript
On this website, we use active JavaScript content from external providers. By calling up our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside the EU. You can prevent this by installing a JavaScript blocker such as the browser plugin 'NoScript' (www.noscript.net) or disabling JavaScript in your browser. However, we would like to point out that our website and service will only function in a limited way if you disable the use of JavaScript.
Contact
When contacting the provider (for example, via contact form or e-mail), the user's details are stored for the purpose of processing the request and in the event that follow-up questions arise. This data will not be passed on without your consent.
The processing of your data, which you transmit when contacting us, is based on your consent (Art. 6 para. 1 lit. a DSGVO). Your consent can be revoked at any time. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
As long as no request for data deletion is made, the consent for storage is revoked or the purpose for data storage no longer applies, the data transmitted when contacting us will remain with us. Legal retention periods remain unaffected.
Registration function
The data entered during registration will be used exclusively for order processing. The collected data can be seen from the input mask within the registration.
For important changes, for example, in the scope of the offer or for technically necessary changes, we use the e-mail address provided during registration to inform you in this way. The processing of the data entered, which is necessary for registration, is based on your consent (Art. 6 para. 1 lit. a DSGVO). Your consent can be revoked at any time. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Your registration data will remain stored by us as long as no request for data deletion is made or consent to storage is revoked. Legal retention periods remain unaffected.
Data transmission upon conclusion of the contract (voucher order)
We transmit personal data to third parties only if this is necessary in the context of the contract, for example, to the payment platform commissioned with the payment processing, the service provider for the processing of the postal dispatch and to the service provider commissioned with the voucher processing.
A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Data transfer to shipping companies
For the fulfillment of the contract, we pass on your data (title, name, company, billing address, shipping address, photo and dedication) when sending the voucher by mail to the shipping company commissioned with the creation and delivery:
Voucher dispatch by mail
A&M Service GmbH
Hinter dem Entenpfuhl 13/15
65604 Elz
Deutschland
info@a-m-service.de
Data transfer to payment providers
The transfer of your data takes place exclusively via secure SSL encryption to the payment provider selected by you in the ordering process for the purpose of payment processing.
The transfer of your data to the payment provider is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
Payment by Visa, Mastercard and American Express
If you choose to pay by credit card, the payment will be processed by the payment provider "Stripe". The data required for this (card number, validity and verification number) are forwarded to the payment provider in encrypted form and cannot be viewed by the website operator. Stripe Payments Europe Ltd is certified according to the Industry Data Security Standard (PCI DSS) and is subject to the Safe Harbour Agreement. The payment provider transfers, processes and stores, if necessary, personal data outside the EU that is required to process the payment. Stripe is solely responsible for the processing of this
Stripe Payments Europe Ltd
Block 4, Harcourt Centre Harcourt Road Dublin 2, Ireland
For details on payment with Stripe, please refer to the terms and conditions and privacy policy of the payment provider at: https://stripe.com/de/terms
Revocation, changes, deletion and right to information
Within the scope of the applicable legal provisions, the user has the right to receive information free of charge upon request about the personal data, its origin and recipient and the purpose of the data processing. In addition, the user has the right to correct incorrect data, blocking and deletion of his personal data, provided that this does not conflict with any legal obligation to retain