Tourismus Fulda Privacy Policy
Data protection at a glance
General information
The following information provides a basic overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our Privacy Policy (see below).
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Please see the Legal Notice for their contact information.
How do we collect your information?
On the one hand, your data is collected when you provide it to us. This could be information that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system, time the web page was accessed, etc.). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure that we can provide a faultless experience on our website. Other data can be used to analyse your user behaviour.
What are your rights with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data, free of charge and at any time. You also have the right to request that this data be corrected, blocked or deleted. You can contact us at any time at the address provided in the Legal Notice should you have any questions about this or any other questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
Analytics and tools from third parties
When you visit our website, your browsing behaviour can be statistically evaluated. This is primarily done with cookies and so-called analytics programs. The analysis of your browsing behaviour is usually conducted anonymously. This means that your browsing behaviour cannot be traced back to you. You can object to this analysis or can prevent it by refraining from using certain tools. You can find detailed information about this in the Privacy Policy below.
You can object to this analysis. The Privacy Policy below contains information on how to withdraw your consent.
General and mandatory information
Privacy Policy
The operators of these web pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this Privacy Policy.
Various personal data is collected when you use this website. Personal data is data that can be used to personally identify you. This Privacy Policy explains which data we collect and what we use it for. It also explains how this data is collected and for what purpose.
We would like to point out that data transmission over the internet (e.g. when communicating by email) may have security gaps. It is not possible to fully protect data against third-party access.
Information about the data controller
The responsible body (data controller) for data processing on this website can be found here.
The data controller is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
Statutory data protection officer
You can contact our data protection officer here.
Withdrawal of your consent to data processing
Many data processing processes are only possible with your express consent. You can withdraw your consent at any time. Simply send us an email stating that you wish to withdraw your consent to data processing. The legality of the data processing carried out prior to the date of revocation remains unaffected.
Right to lodge a complaint with the competent supervisory authority
In the event of breaches of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link (in German): https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to request that the data that we process automatically on the basis of your consent, or in fulfilment of a contract, is handed over to yourself or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done insofar as it is technically feasible.
SSL and/or TLS encryption
This site uses an SSL or TLS encryption for reasons of security and to protect the transmission of confidential content, such as orders or enquiries that you submit to us as the site operator. You can identify an encrypted connection by a lock icon in your browser line, or when the browser’s address line changes from “http://” to “https://”.
If SSL or TLS encryption is activated, the data that you submit to us cannot be read by third parties.
Information, blocking & deletion
Within the framework of the applicable legal provisions, you have the right to receive information free of charge about your stored personal data, its origin and recipients, and the purpose of data processing and, if applicable, a right to correct, block or delete this data. You can contact us at any time for this purpose at the address given in the Legal Notice. You can also contact us should you have any further questions on the subject of personal data.
Objection to marketing emails
We hereby object to the contact information published in the Legal Notice being used for the sending of unsolicited marketing and information materials. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of marketing and advertising, such as spam emails.
Data collection on our website
Cookies
Some of these web pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit.
You can adjust the settings on your browser so you are informed when cookies are saved and to only allow cookies in individual cases; to exclude the acceptance of cookies for specific cases or in general; and to activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be impaired.
Cookies that are required to carry out the electronic communication process or to provide certain functions desired by you (e.g. shopping cart function), are used on the basis of Art. 6(1)(f) of the General Data Protection Regulation (GDPR). The website operator has a legitimate interest in storing cookies to provide its services without technical error and to optimise these services. Insofar as other cookies (e.g. cookies to analyse your browsing behavior) are stored, these are treated separately in this Privacy Policy.
Cookie consent with Cookiebot
Our website uses Cookiebot’s cookie consent technology to obtain your consent to store certain cookies in your browser and to document them in accordance with data protection regulations. The provider of this technology is Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter Cybot).
When you enter our website, a Cybot cookie is stored in your browser, which stores your consents or the withdrawal of these consents. If consent is given, the Cybot cookie data is also logged by Cybot. This constitutes:
-
the end user’s IP number in anonymised form (the last three digits are set to “0”)
-
date and time of consent
-
user agent of the end user’s browser
-
the URL from which the consent was sent
-
an anonymous, random and encrypted key
-
the consent status, which serves as proof of consent.
The collected data is stored until you ask us to delete it or you delete the Cybot cookie yourself, or when the purpose for storing the data no longer applies. Mandatory legal storage periods remain unaffected. Details about Cookiebot’s Privacy Policy can be found at: https://www.cookiebot.com/en/privacy-policy/
Detailed information about our cookies and the option to change your consent can be found in our Cookie Policy.
Cookiebot cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(1)(c) GDPR.
Server log files
The provider of these web pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information constitutes:
- browser type and browser version
- operating system
- referrer URL
- host name of the accessing computer
- time of server request
- IP address.
This data is not combined with other data sources.
The basis for this data processing is Art. 6(1)(f) GDPR, which permits the processing of data to fulfil a contract or pre-contractual measures.
Enquires sent by email, telephone or fax
If you contact us by email, telephone or fax, your enquiry, including all resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. We will not share this data without your consent.
This data is processed on the basis of Art. 6(1)(b) GDPR if your request is related to the fulfilment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1)(a) GDPR) and/or on our legitimate interests (Art. 6(1)(f) GDPR), as we have a legitimate interest in the effective processing of enquiries addressed to us.
The data you send us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or where the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.
Contact form
If you send us enquiries via the contact form, we will store your details from the contact form, including the contact details you provided there, for the purpose of processing the enquiry and in case of follow-up questions. We will not share this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6(1)(a) GDPR). You can withdraw this consent at any time. Simply send us an email stating that you wish to withdraw your consent to data processing. The legality of the data processing carried out prior to the date of revocation remains unaffected.
The information you enter in the contact form will remain with us until you request that we delete it, revoke your consent to store it, or where the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent necessary to establish, structure or change the legal relationship (inventory data). This is done on the basis of Art. 6(1)(b) GDPR, which permits the processing of data to fulfil a contract or pre-contractual measures. We collect, process and use personal data about the use of our web pages (usage data) only insofar as this is necessary to enable the user to use the service or, where relevant, to invoice the user.
The collated customer data is deleted upon completion of the order or termination of the business relationship. Mandatory legal storage periods remain unaffected.
Data transfer upon conclusion of contract for services and digital content
We only transfer personal data to third parties if this is necessary as part of contract processing, for example to the bank responsible for payment processing.
Further transmission of data will not take place or will only take place if you have expressly agreed to this data transfer. Your data will not be passed on to third parties, for example for advertising purposes, without your express consent.
The basis for this data processing is Art. 6(1)(b) GDPR, which permits the processing of data to fulfil a contract or pre-contractual measures.
Data transfer
Tourism and Congress Management Fulda acts as a broker for the hotels listed on the tourismus-fulda.de website. We will only share your data with third parties if we are entitled or obliged to do so under applicable law. The same applies if we receive your data from third parties.
Data transfer is also permitted where third parties process the data on our behalf: In cases where we do not carry out our business activities ourselves (e.g. operating the website, online hotel booking, booking package deals), rather have other companies carry out these activities, and where these activities involve the processing of your data, we have previously contractually obliged the companies in question to use the data only for the purposes permitted by law. We are authorised to monitor these companies in this regard.
We use the Deskline software from feratel media technologies AG to process booking enquiries, such as hotel bookings or package deals, which are submitted via the form on our website. We will share your name, email address, address and/or telephone number with the respective provider to prepare and process your booking. This also includes contacting you if there are any changes. This transfer of data serves to fulfil the contract. These transfers are based on a legal obligation.
Analysis tools and advertising
Google Analytics
This website uses features of the web analytics service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and allow your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
The data sent by us and linked to cookies, user IDs or advertising IDs is automatically deleted after 14 months. Data whose storage period has been reached is automatically deleted once a month. You can find more information about terms of use and data protection at https://www.google.com/analytics/terms/en.html or under https://policies.google.com/?hl=en.
IP anonymisation
We have activated the IP anonymisation feature on this website. As a result, your IP address is abbreviated by Google within member states of the European Union, or in other states party to the Agreement on the European Economic Area, prior to transmission to the USA. The full IP address will only be transmitted to a Google server in the USA and abbreviated there in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
Browser plugin
You can prevent cookies from being saved by adjusting the settings on your browser software; however, we would like to point out that in this case you may not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address), and prevent Google from processing this data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. This causes an opt-out cookie to be stored on your browser to prevent your data from being collected when you visit this website in the future: Deactivate Google Analytics.
More information about how Google Analytics handles user data can be found in Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.
Order data processing
We have concluded a contract with Google for order data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Facebook Pixel
Our website uses the Visitor Action Pixel from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) to measure conversions.
It allows the behaviour of site visitors who have been redirected to the provider’s website by clicking on a Facebook ad to be tracked. As a result, the effectiveness of Facebook ads can be evaluated for statistical and market research purposes and future advertising measures can be optimised.
The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook. This means that a connection to the respective user profile may be possible and that Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This allows Facebook to place advertisements, both on Facebook pages and beyond Facebook. As the site operator, we cannot influence this use of data.
You can find further information on how to protect your privacy in Facebook’s Privacy Policy: https://www.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing feature in the Ads Settings section under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen . To do this, you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate the usage-based advertising from Facebook via the European Interactive Digital Advertising Alliance’s website: https://www.youronlinechoices.com/uk/your-ad-choices.
Plugins and tools
Google Web Fonts
This site uses so-called web fonts, which are provided by Google, to uniformly display fonts. When you call up a page, your browser loads the required web fonts into your browser cache to correctly display texts and fonts.
The browser you use must connect to Google’s servers for this purpose. As a result, Google becomes aware that our website has been accessed via your IP address. Google Web Fonts are used in the interest of providing a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://www.google.com/policies/privacy/.
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this transfer of data.
Google Maps is used in the interest of presenting our online offerings in an appealing way and making it easy to find the locations we have specified on the website. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
More information on how to handle user data can be found in Google’s Privacy Policy: https://www.google.de/intl/en/policies/privacy/.
Adobe Typekit
We also use Adobe Typekit to display fonts on our website. Adobe Typekit is a service that provides access to a font library and is provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe). When you call up a page, your browser loads the required web fonts into your browser cache to correctly display texts and fonts. No cookies are placed or used to provide the fonts as part of the Typekit service. To provide the Typekit service, Adobe may collect font information that is used to identify the website itself and the connected Typekit account.
For more information, please visit the page on data protection at Adobe Typekit and see Adobe’s Privacy Policy.
Our social media accounts
Data processing via social networks
We maintain publicly available profiles on social networks. The individual social networks we use can be found below.
Social networks such as Facebook, Google+, etc. can usually comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. “Like” buttons or advertising banners). Visiting our social media pages triggers numerous data protection-relevant processing processes. We provide further information on this below.
If you are logged into your social media account and visit one of our social media pages, the operator of the social media platform can associate this visit with your user account. However, your personal data may also be collected even if you are not logged in or do not have an account with the respective social media platform. In this case, the data collection can take place via cookies that are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media platforms can then create user profiles in which the users’ preferences and interests are stored. This then allows for interest-based advertising to be shown to you, both within and beyond the respective social media platform. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.
Please also note that we cannot keep track of all the processing processes used across the social media platforms. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media platforms.
Further details on this can be found in the terms of use and privacy policies of the respective social media platforms.
Legal basis
Our social media presence is designed to ensure that we have as wide an online presence as possible. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR. The analysis processes initiated by social networks may be based on different legal bases, which need to be specified by the operators of the social networks (e.g. consent in the sense of Art. 6(1)(a) GDPR).
Responsible body and enforcement of rights
If you visit one of our social media sites (e.g. Facebook), we, together with the operator of the social media platform, are responsible for the data processing processes triggered during this visit. In principle, you can exercise your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media platform (e.g. against Facebook).
Please note that, despite joint responsibility with the social media platform operators, we do not have full influence on the data processing processes of the social media platforms. Our options are largely based on the policies of the respective provider.
Retention period
The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies; you ask us to delete it; you revoke your consent to store it; or the purpose for data storage ceases to apply. Saved cookies remain on your device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no influence on the length of time your data that is stored by social network operators for their own purposes is stored for. For further details, please refer to the information provided by the social network operators (e.g. in their privacy policies, see below).
The different social networks
We have a Facebook profile. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified in accordance with the EUUS Privacy Shield.
We have concluded a joint processing agreement (Controller Addendum) with Facebook. This agreement determines which data processing processes we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in:
https://www.facebook.com/settings?tab=ads.
For further details, please see Facebook’s Privacy Policy:
https://www.facebook.com/about/privacy/.