Déclaration de confidentialité

1. An overview of data protection

General information

The follo­wing infor­ma­tion will provide you with an easy to navi­gate over­view of what will happen with your perso­nal data when you visit this website. The term “perso­nal data” comprises all data that can be used to perso­nally iden­tify you. For detai­led infor­ma­tion about the subject matter of data protec­tion, please consult our Data Protec­tion Decla­ra­tion, which we have inclu­ded beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this website is proces­sed by the opera­tor of the website, whose contact infor­ma­tion is avai­lable under section “Infor­ma­tion about the respon­sible party (refer­red to as the “control­ler” in the GDPR)” in this Privacy Policy.

How do we record your data ?

We collect your data as a result of your sharing of your data with us. This may, for instance be infor­ma­tion you enter into our contact form.

Other data shall be recor­ded by our IT systems auto­ma­ti­cally or after you consent to its recor­ding during your website visit. This data comprises prima­rily tech­ni­cal infor­ma­tion (e.g., web brow­ser, opera­ting system, or time the site was acces­sed). This infor­ma­tion is recor­ded auto­ma­ti­cally when you access this website.

What are the purposes we use your data for ?

A portion of the infor­ma­tion is gene­ra­ted to guaran­tee the error free provi­sion of the website. Other data may be used to analyze your user patterns.

What rights do you have as far as your information is concerned ?

You have the right to receive infor­ma­tion about the source, reci­pients, and purposes of your archi­ved perso­nal data at any time without having to pay a fee for such disclo­sures. You also have the right to demand that your data are recti­fied or eradi­ca­ted. If you have consen­ted to data proces­sing, you have the option to revoke this consent at any time, which shall affect all future data proces­sing. Moreo­ver, you have the right to demand that the proces­sing of your data be restric­ted under certain circum­stances. Further­more, you have the right to log a complaint with the competent super­vi­sing agency.

Please do not hesi­tate to contact us at any time if you have ques­tions about this or any other data protec­tion rela­ted issues.

Analysis tools and tools provided by third parties

There is a possi­bi­lity that your brow­sing patterns will be statis­ti­cally analy­zed when your visit this website. Such analyses are perfor­med prima­rily with what we refer to as analy­sis programs.

For detai­led infor­ma­tion about these analy­sis programs please consult our Data Protec­tion Decla­ra­tion below.

2. Hosting

We are hosting the content of our website at the follo­wing provider :

webgo

The provi­der is the webgo GmbH, Heiden­kamps­weg 81, 20097, Hamburg, Germany (herei­naf­ter refer­red to as “webgo”). Whene­ver you visit our website, webgo will record a variety of logfiles, inclu­ding your IP addresses.

For details, please refer to the Data Privacy Policy of webgo : https://www.webgo.de/datenschutz/.

We use webgo on the basis of Art. 6 (1)(f) GDPR. We have a legi­ti­mate inter­est in making the depic­tion of our website as depen­dable as possible. If you have been asked for your respec­tive consent, proces­sing shall occur exclu­si­vely on the basis of Art. 6 (1)(a) GDPR and § 25(1) TDDDG, if the consent comprises the archi­ving of cookies or access to infor­ma­tion on the user’s device (e.g., device finger prin­ting) as defi­ned in the TDDDG. Such consent may be revo­ked at any time.

Data processing

We have conclu­ded a data proces­sing agree­ment (DPA) for the use of the above-mentio­ned service. This is a contract manda­ted by data privacy laws that guaran­tees that they process perso­nal data of our website visi­tors only based on our instruc­tions and in compliance with the GDPR.

3. General information and mandatory information

Data protection

The opera­tors of this website and its pages take the protec­tion of your perso­nal data very seriously. Hence, we handle your perso­nal data as confi­den­tial infor­ma­tion and in compliance with the statu­tory data protec­tion regu­la­tions and this Data Protec­tion Declaration.

Whene­ver you use this website, a variety of perso­nal infor­ma­tion will be collec­ted. Perso­nal data comprises data that can be used to perso­nally iden­tify you. This Data Protec­tion Decla­ra­tion explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the infor­ma­tion is collected.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e., through e‑mail commu­ni­ca­tions) may be prone to secu­rity gaps. It is not possible to comple­tely protect data against third-party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data proces­sing control­ler on this website is :

Riad Selouane – Artlo­gis Sarl
Svenja Keller
6 Derb Tizougarine
Bab Doukkala
40000 Marrakech
Maroc

Phone : +212 (0) 524 44 41 41
E‑mail : info@riad-selouane.net

The control­ler is the natu­ral person or legal entity that single-handedly or jointly with others makes deci­sions as to the purposes of and resources for the proces­sing of perso­nal data (e.g., names, e‑mail addresses, etc.).

Storage duration

Unless a more speci­fic storage period has been speci­fied in this privacy policy, your perso­nal data will remain with us until the purpose for which it was collec­ted no longer applies. If you assert a justi­fied request for dele­tion or revoke your consent to data proces­sing, your data will be dele­ted, unless we have other legally permis­sible reasons for storing your perso­nal data (e.g., tax or commer­cial law reten­tion periods); in the latter case, the dele­tion will take place after these reasons cease to apply.

General information on the legal basis for the data processing on this website

If you have consen­ted to data proces­sing, we process your perso­nal data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if special cate­go­ries of data are proces­sed accor­ding to Art. 9 (1) DSGVO. In the case of expli­cit consent to the trans­fer of perso­nal data to third coun­tries, the data proces­sing is also based on Art. 49 (1)(a) GDPR. If you have consen­ted to the storage of cookies or to the access to infor­ma­tion in your end device (e.g., via device finger­prin­ting), the data proces­sing is addi­tio­nally based on § 25 (1) TDDDG. The consent can be revo­ked at any time. If your data is requi­red for the fulfillment of a contract or for the imple­men­ta­tion of pre-contrac­tual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Further­more, if your data is requi­red for the fulfillment of a legal obli­ga­tion, we process it on the basis of Art. 6(1)© GDPR. Further­more, the data proces­sing may be carried out on the basis of our legi­ti­mate inter­est accor­ding to Art. 6(1)(f) GDPR. Infor­ma­tion on the rele­vant legal basis in each indi­vi­dual case is provi­ded in the follo­wing para­graphs of this privacy policy.

Information on the data transfer to third-party countries that are not secure under data protection law and the transfer to US companies that are not DPF-certified

We use, among other tech­no­lo­gies, tools from compa­nies loca­ted in third-party coun­tries that are not safe under data protec­tion law, as well as US tools whose provi­ders are not certi­fied under the EU-US Data Privacy Frame­work (DPF). If these tools are enabled, your perso­nal data may be trans­fer­red to and proces­sed in these coun­tries. We would like you to note that no level of data protec­tion compa­rable to that in the EU can be guaran­teed in third coun­tries that are inse­cure in terms of data protec­tion law.

We would like to point out that the US, as a secure third-party coun­try, gene­rally has a level of data protec­tion compa­rable to that of the EU. Data trans­fer to the US is there­fore permit­ted if the reci­pient is certi­fied under the “EU-US Data Privacy Frame­work” (DPF) or has appro­priate addi­tio­nal assu­rances. Infor­ma­tion on trans­fers to third-party coun­tries, inclu­ding the data reci­pients, can be found in this Privacy Policy.

Recipients of personal data

In the scope of our busi­ness acti­vi­ties, we coope­rate with various exter­nal parties. In some cases, this also requires the trans­fer of perso­nal data to these exter­nal parties. We only disclose perso­nal data to exter­nal parties if this is requi­red as part of the fulfillment of a contract, if we are legally obli­ga­ted to do so (e.g., disclo­sure of data to tax autho­ri­ties), if we have a legi­ti­mate inter­est in the disclo­sure pursuant to Art. 6 (1)(f) GDPR, or if another legal basis permits the disclo­sure of this data. When using proces­sors, we only disclose perso­nal data of our custo­mers on the basis of a valid contract on data proces­sing. In the case of joint proces­sing, a joint proces­sing agree­ment is concluded.

Revocation of your consent to the processing of data

A wide range of data proces­sing tran­sac­tions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without preju­dice to the lawful­ness of any data collec­tion that occur­red prior to your revocation.

Right to object to the collection of data in special cases ; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of viola­tions of the GDPR, data subjects are entit­led to log a complaint with a super­vi­sory agency, in parti­cu­lar in the member state where they usually main­tain their domi­cile, place of work or at the place where the alle­ged viola­tion occur­red. The right to log a complaint is in effect regard­less of any other admi­nis­tra­tive or court procee­dings avai­lable as legal recourses.

Right to data portability

You have the right to have data that we process auto­ma­ti­cally on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you should demand the direct trans­fer of the data to another control­ler, this will be done only if it is tech­ni­cally feasible.

Information about, rectification and eradication of data

Within the scope of the appli­cable statu­tory provi­sions, you have the right to demand infor­ma­tion about your archi­ved perso­nal data, their source and reci­pients as well as the purpose of the proces­sing of your data at any time. You may also have a right to have your data recti­fied or eradi­ca­ted. If you have ques­tions about this subject matter or any other ques­tions about perso­nal data, please do not hesi­tate to contact us at any time.

Right to demand processing restrictions

You have the right to demand the impo­si­tion of restric­tions as far as the proces­sing of your perso­nal data is concer­ned. To do so, you may contact us at any time. The right to demand restric­tion of proces­sing applies in the follo­wing cases :

• In the event that you should dispute the correct­ness of your data archi­ved by us, we will usually need some time to verify this claim. During the time that this inves­ti­ga­tion is ongoing, you have the right to demand that we restrict the proces­sing of your perso­nal data.
• If the proces­sing of your perso­nal data was/is conduc­ted in an unlaw­ful manner, you have the option to demand the restric­tion of the proces­sing of your data instead of deman­ding the eradi­ca­tion of this data.
• If we do not need your perso­nal data any longer and you need it to exer­cise, defend or claim legal entit­le­ments, you have the right to demand the restric­tion of the proces­sing of your perso­nal data instead of its eradication.
• If you have raised an objec­tion pursuant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each other. As long as it has not been deter­mi­ned whose inter­ests prevail, you have the right to demand a restric­tion of the proces­sing of your perso­nal data.

If you have restric­ted the proces­sing of your perso­nal data, these data – with the excep­tion of their archi­ving – may be proces­sed only subject to your consent or to claim, exer­cise or defend legal entit­le­ments or to protect the rights of other natu­ral persons or legal enti­ties or for impor­tant public inter­est reasons cited by the Euro­pean Union or a member state of the EU.

SSL and/or TLS encryption

For secu­rity reasons and to protect the trans­mis­sion of confi­den­tial content, such as purchase orders or inqui­ries you submit to us as the website opera­tor, this website uses either an SSL or a TLS encryp­tion program. You can reco­gnize an encryp­ted connec­tion by checking whether the address line of the brow­ser switches from “http://” to “https://” and also by the appea­rance of the lock icon in the brow­ser line.

If the SSL or TLS encryp­tion is acti­va­ted, data you trans­mit to us cannot be read by third parties.

Rejection of unsolicited e‑mails

We here­with object to the use of contact infor­ma­tion publi­shed in conjunc­tion with the manda­tory infor­ma­tion to be provi­ded in our Site Notice to send us promo­tio­nal and infor­ma­tion mate­rial that we have not expressly reques­ted. The opera­tors of this website and its pages reserve the express right to take legal action in the event of the unso­li­ci­ted sending of promo­tio­nal infor­ma­tion, for instance via SPAM messages.

4. Recording of data on this website

Cookies

Our websites and pages use what the indus­try refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored tempo­ra­rily for the dura­tion of a session (session cookies) or they are perma­nently archi­ved on your device (perma­nent cookies). Session cookies are auto­ma­ti­cally dele­ted once you termi­nate your visit. Perma­nent cookies remain archi­ved on your device until you acti­vely delete them, or they are auto­ma­ti­cally eradi­ca­ted by your web browser.

Cookies can be issued by us (first-party cookies) or by third-party compa­nies (so-called third-party cookies). Third-party cookies enable the inte­gra­tion of certain services of third-party compa­nies into websites (e.g., cookies for hand­ling payment services).

Cookies have a variety of func­tions. Many cookies are tech­ni­cally essen­tial since certain website func­tions would not work in the absence of these cookies (e.g., the shop­ping cart func­tion or the display of videos). Other cookies may be used to analyze user beha­vior or for promo­tio­nal purposes.

Cookies, which are requi­red for the perfor­mance of elec­tro­nic commu­ni­ca­tion tran­sac­tions, for the provi­sion of certain func­tions you want to use (e.g., for the shop­ping cart func­tion) or those that are neces­sary for the opti­mi­za­tion (requi­red cookies) of the website (e.g., cookies that provide measu­rable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The opera­tor of the website has a legi­ti­mate inter­est in the storage of requi­red cookies to ensure the tech­ni­cally error-free and opti­mi­zed provi­sion of the operator’s services. If your consent to the storage of the cookies and simi­lar recog­ni­tion tech­no­lo­gies has been reques­ted, the proces­sing occurs exclu­si­vely on the basis of the consent obtai­ned (Art. 6(1)(a) GDPR and § 25 (1) TDDDG); this consent may be revo­ked at any time.

You have the option to set up your brow­ser in such a manner that you will be noti­fied any time cookies are placed and to permit the accep­tance of cookies only in speci­fic cases. You may also exclude the accep­tance of cookies in certain cases or in gene­ral or acti­vate the delete-func­tion for the auto­ma­tic eradi­ca­tion of cookies when the brow­ser closes. If cookies are deac­ti­va­ted, the func­tions of this website may be limited.

Which cookies and services are used on this website can be found in this privacy policy.

Consent with Borlabs Cookie

Our website uses the Borlabs consent tech­no­logy to obtain your consent to the storage of certain cookies in your brow­ser or for the use of certain tech­no­lo­gies and for their data privacy protec­tion compliant docu­men­ta­tion. The provi­der of this tech­no­logy is Borlabs GmbH, Rüben­kamp 32, 22305 Hamburg, Germany (herei­naf­ter refer­red to as Borlabs).

Whene­ver you visit our website, a Borlabs cookie will be stored in your brow­ser, which archives any decla­ra­tions or revo­ca­tions of consent you have ente­red. These data are not shared with the provi­der of the Borlabs technology.

The recor­ded data shall remain archi­ved until you ask us to eradi­cate them, delete the Borlabs cookie on your own or the purpose of storing the data no longer exists. This shall be without preju­dice to any reten­tion obli­ga­tions manda­ted by law. To review the details of Borlabs’ data proces­sing poli­cies, please visit https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Borlabs cookie consent tech­no­logy to obtain the decla­ra­tions of consent manda­ted by law for the use of cookies. The legal basis for the use of such cookies is Art. 6(1)© GDPR.

Contact form

If you submit inqui­ries to us via our contact form, the infor­ma­tion provi­ded in the contact form as well as any contact infor­ma­tion provi­ded therein will be stored by us in order to handle your inquiry and in the event that we have further ques­tions. We will not share this infor­ma­tion without your consent.

The proces­sing of these data is based on Art. 6(1)(b) GDPR, if your request is rela­ted to the execu­tion of a contract or if it is neces­sary to carry out pre-contrac­tual measures. In all other cases the proces­sing is based on our legi­ti­mate inter­est in the effec­tive proces­sing of the requests addres­sed to us (Art. 6(1)(f) GDPR) or on your agree­ment (Art. 6(1)(a) GDPR) if this has been reques­ted ; the consent can be revo­ked at any time.

The infor­ma­tion you have ente­red into the contact form shall remain with us until you ask us to eradi­cate the data, revoke your consent to the archi­ving of data or if the purpose for which the infor­ma­tion is being archi­ved no longer exists (e.g., after we have conclu­ded our response to your inquiry). This shall be without preju­dice to any manda­tory legal provi­sions, in parti­cu­lar reten­tion periods.

Request by e‑mail, telephone, or fax

If you contact us by e‑mail, tele­phone or fax, your request, inclu­ding all resul­ting perso­nal data (name, request) will be stored and proces­sed by us for the purpose of proces­sing your request. We do not pass these data on without your consent.

These data are proces­sed on the basis of Art. 6(1)(b) GDPR if your inquiry is rela­ted to the fulfillment of a contract or is requi­red for the perfor­mance of pre-contrac­tual measures. In all other cases, the data are proces­sed on the basis of our legi­ti­mate inter­est in the effec­tive hand­ling of inqui­ries submit­ted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtai­ned ; the consent can be revo­ked at any time.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after comple­tion of your request). Manda­tory statu­tory provi­sions – in parti­cu­lar statu­tory reten­tion periods – remain unaffected.

5. Social media

Social media elements with Shariff

We do use elements of social media networks on this website and its pages (e.g. Face­book, X, Insta­gram, Pinte­rest, XING, Linke­dIn, Tumblr).

As a rule, you will be able to reco­gnize these social media elements because of the respec­tive social media logos that appear. To warrant the protec­tion of data on this website, we use these elements only in combi­na­tion with the so-called “Shariff” solu­tion. This appli­ca­tion prevents the social media elements that have been inte­gra­ted into this website from trans­fer­ring perso­nal data to the respec­tive provi­der as soon as you enter our website.

A direct connec­tion to the provider’s server shall not be esta­bli­shed until you have acti­va­ted the respec­tive social media element by clicking on the affi­lia­ted button (which indi­cates your consent). As soon as you acti­vate the social media element, the respec­tive provi­der receives the infor­ma­tion that you have visi­ted this website with your IP address. If you are simul­ta­neously logged into your respec­tive social media account (e.g. Face­book), the respec­tive provi­der will be able to allo­cate your visit to this website to your user account.

The acti­va­tion of the plug-in consti­tutes a decla­ra­tion of consent as defi­ned in Art. 6(1)(a) GDPR and und § 25 (1) TDDDG. You have the option to revoke this consent at any time, which shall affect all future transactions.

This service is used to obtain the consent to the use of certain tech­no­lo­gies requi­red by law. The legal basis for this is Art. 6(1)© GDPR.

Pinterest

We use elements of the social network Pinte­rest on this website. The network is opera­ted by Pinte­rest Europe Ltd., Palmers­ton House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

If you access a site or page that contains such an element, your brow­ser will esta­blish a direct connec­tion with Pinterest’s servers. During this process, the social media element trans­fers log data to Pinterest’s servers in the United States. The log data may possi­bly include your IP address, the address of the websites you visi­ted, which also contain Pinte­rest func­tions. The infor­ma­tion also includes the type and settings of your brow­ser, the data and time of the inquiry, how you use Pinte­rest and cookies.

The use of this service is based on your consent in accor­dance with Art. 6 (1)(a) GDPR and § 25 (1) TDDDG. Consent can be revo­ked at any time.

For more infor­ma­tion concer­ning the purpose, scope and conti­nue proces­sing and use of the data by Pinte­rest as well as your affi­lia­ted rights and options to protect your private infor­ma­tion, please consult the data privacy infor­ma­tion of Pinte­rest at : https://about.pinterest.com/en/privacy-policy.

6. Analysis tools and advertising

Google Tag Manager

We use the Google Tag Mana­ger. The provi­der is Google Ireland Limi­ted, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Mana­ger is a tool that allows us to inte­grate tracking or statis­ti­cal tools and other tech­no­lo­gies on our website. The Google Tag Mana­ger itself does not create any user profiles, does not store cookies, and does not carry out any inde­pendent analyses. It only manages and runs the tools inte­gra­ted via it. Howe­ver, the Google Tag Mana­ger does collect your IP address, which may also be trans­fer­red to Google’s parent company in the United States.

The Google Tag Mana­ger is used on the basis of Art. 6(1)(f) GDPR. The website opera­tor has a legi­ti­mate inter­est in the quick and uncom­pli­ca­ted inte­gra­tion and admi­nis­tra­tion of various tools on his website. If appro­priate consent has been obtai­ned, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TDDDG. This consent can be revo­ked at any time.

The company is certi­fied in accor­dance with the “EU-US Data Privacy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is inten­ded to ensure compliance with Euro­pean data protec­tion stan­dards for data proces­sing in the US. Every company certi­fied under the DPF is obli­ged to comply with these data protec­tion stan­dards. For more infor­ma­tion, please contact the provi­der under the follo­wing link : https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

This website uses func­tions of the web analy­sis service Google Analy­tics. The provi­der of this service is Google Ireland Limi­ted (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analy­tics enables the website opera­tor to analyze the beha­vior patterns of website visi­tors. To that end, the website opera­tor receives a variety of user data, such as pages acces­sed, time spent on the page, the utili­zed opera­ting system and the user’s origin. This data is assi­gned to the respec­tive end device of the user. An assi­gn­ment to a user-ID does not take place.

Further­more, Google Analy­tics allows us to record your mouse and scroll move­ments and clicks, among other things. Google Analy­tics uses various mode­ling approaches to augment the collec­ted data sets and uses machine lear­ning tech­no­lo­gies in data analysis.

Google Analy­tics uses tech­no­lo­gies that make the recog­ni­tion of the user for the purpose of analy­zing the user beha­vior patterns (e.g., cookies or device finger­prin­ting). The website use infor­ma­tion recor­ded by Google is, as a rule trans­fer­red to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.

Data trans­mis­sion to the US is based on the Stan­dard Contrac­tual Clauses (SCC) of the Euro­pean Commis­sion. Details can be found here : https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certi­fied in accor­dance with the “EU-US Data Privacy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is inten­ded to ensure compliance with Euro­pean data protec­tion stan­dards for data proces­sing in the US. Every company certi­fied under the DPF is obli­ged to comply with these data protec­tion stan­dards. For more infor­ma­tion, please contact the provi­der under the follo­wing link : https://www.dataprivacyframework.gov/participant/5780.

IP anonymization

Google Analy­tics IP anony­mi­za­tion is active. As a result, your IP address will be abbre­via­ted by Google within the member states of the Euro­pean Union or in other states that have rati­fied the Conven­tion on the Euro­pean Econo­mic Area prior to its trans­mis­sion to the United States. The full IP address will be trans­mit­ted to one of Google’s servers in the United States and abbre­via­ted there only in excep­tio­nal cases. On behalf of the opera­tor of this website, Google shall use this infor­ma­tion to analyze your use of this website to gene­rate reports on website acti­vi­ties and to render other services to the opera­tor of this website that are rela­ted to the use of the website and the Inter­net. The IP address trans­mit­ted in conjunc­tion with Google Analy­tics from your brow­ser shall not be merged with other data in Google’s possession.

Browser plug-in

You can prevent the recor­ding and proces­sing of your data by Google by down­loa­ding and instal­ling the brow­ser plugin avai­lable under the follo­wing link : https://tools.google.com/dlpage/gaoptout?hl=en.

For more infor­ma­tion about the hand­ling of user data by Google Analy­tics, please consult Google’s Data Privacy Decla­ra­tion at : https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have execu­ted a contract data proces­sing agree­ment with Google and are imple­men­ting the strin­gent provi­sions of the German data protec­tion agen­cies to the fullest when using Google Analytics.

VG Wort Zählpixel

We have imple­men­ted texts on our website, in which a so-called tracking pixel (METIS tracking pixel) is embed­ded. The provi­der is the Verwer­tungs­ge­sell­schaft WORT – VG WORT (asso­cia­tion with legal capa­city by virtue of confer­ral), Untere Weidens­traße 5, 81543 Munich (herei­naf­ter “VG Wort”).

The pixel counts the views of texts, forwards them anony­mously to the VG Wort, in order to deter­mine the distri­bu­tions for the authors. The use of the VG Wort pixel is based on our legi­ti­mate inter­est in recei­ving remu­ne­ra­tion for the texts publi­shed on our website for our authors or for ourselves (Art. 6(1)(f) GDPR). Conflic­ting inter­ests of website visi­tors are not appa­rent, as the data is trans­mit­ted to VG Wort in anony­mi­zed form.

7. Plug-ins and Tools

Google Fonts (local embedding)

This website uses so-called Google Fonts provi­ded by Google to ensure the uniform use of fonts on this site. These Google fonts are locally instal­led so that a connec­tion to Google’s servers will not be esta­bli­shed in conjunc­tion with this application.

For more infor­ma­tion on Google Fonts, please follow this link : https://developers.google.com/fonts/faq and consult Google’s Data Privacy Decla­ra­tion under : https://policies.google.com/privacy?hl=en.

Google reCAPTCHA

We use “Google reCAPT­CHA” (herei­naf­ter refer­red to as “reCAPT­CHA”) on this website. The provi­der is Google Ireland Limi­ted (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPT­CHA is to deter­mine whether data ente­red on this website (e.g., infor­ma­tion ente­red into a contact form) is being provi­ded by a human user or by an auto­ma­ted program. To deter­mine this, reCAPT­CHA analyzes the beha­vior of the website visi­tors based on a variety of para­me­ters. This analy­sis is trig­ge­red auto­ma­ti­cally as soon as the website visi­tor enters the site. For this analy­sis, reCAPT­CHA evaluates a variety of data (e.g., IP address, time the website visi­tor spent on the site or cursor move­ments initia­ted by the user). The data tracked during such analyses are forwar­ded to Google.

reCAPT­CHA analyses run enti­rely in the back­ground. Website visi­tors are not aler­ted that an analy­sis is underway.

Data are stored and analy­zed on the basis of Art. 6(1)(f) GDPR. The website opera­tor has a legi­ti­mate inter­est in the protec­tion of the operator’s websites against abusive auto­ma­ted spying and against SPAM. If appro­priate consent has been obtai­ned, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TDDDG. This consent can be revo­ked at any time.

For more infor­ma­tion about Google reCAPT­CHA please refer to the Google Data Privacy Decla­ra­tion and Terms Of Use under the follo­wing links : https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.

The company is certi­fied in accor­dance with the “EU-US Data Privacy Frame­work” (DPF). The DPF is an agree­ment between the Euro­pean Union and the US, which is inten­ded to ensure compliance with Euro­pean data protec­tion stan­dards for data proces­sing in the US. Every company certi­fied under the DPF is obli­ged to comply with these data protec­tion stan­dards. For more infor­ma­tion, please contact the provi­der under the follo­wing link : https://www.dataprivacyframework.gov/participant/5780.

8. Online marketing and partner programs

Affiliate Programs on this website

We parti­ci­pate in affi­liate part­ner programs. In conjunc­tion with affi­liate part­ner programs, ads of busi­nesses (adver­ti­sers) are placed on websites of other enter­prises within the affi­liate part­ner network (publi­sher). If you click on one of these affi­liate ads, you will be trans­fer­red to the promo­ted offer. If you should subse­quently engage in a certain tran­sac­tion (conver­sion), the publi­sher will receive a respec­tive commis­sion in exchange for the service. To be able to compute the commis­sion amount, the affi­liate network opera­tor must be in a posi­tion to track the ad that has resul­ted in you seeing the offer and in you comple­ting the prede­fi­ned tran­sac­tion. To make this possible, cookies or compa­rable recog­ni­tion tech­no­lo­gies are deployed (e.g., device fingerprinting).

Data is stored and analy­zed on the basis of Art. 6(1)(f) GDPR. The website opera­tor has a legi­ti­mate inter­est in the correct compu­ta­tion of its affi­liate compen­sa­tion. If appro­priate consent has been obtai­ned, the proces­sing is carried out exclu­si­vely on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, inso­far the consent includes the storage of cookies or the access to infor­ma­tion in the user’s end device (e.g., device finger­prin­ting) within the meaning of the TDDDG. This consent can be revo­ked at any time.

We parti­ci­pate in the follo­wing affi­liate programs :

GetYourGuide www.getyourguide.com

9. eCommerce and payment service providers

Processing of Customer and Contract Data

We collect, process, and use perso­nal custo­mer and contract data for the esta­blish­ment, content arran­ge­ment and modi­fi­ca­tion of our contrac­tual rela­tion­ships. Data with perso­nal refe­rences to the use of this website (usage data) will be collec­ted, proces­sed, and used only if this is neces­sary to enable the user to use our services or requi­red for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR.

The collec­ted custo­mer data shall be dele­ted upon comple­tion of the order or termi­na­tion of the busi­ness rela­tion­ship and upon expi­ra­tion of any exis­ting statu­tory archi­ving periods. This shall be without preju­dice to any statu­tory archi­ving periods.