Privacy policy

Copyright

The contents of the DERTOUR Hotels & Resorts website are protected by copyright. All rights are reserved. With the exception of the downloads offered for use in the original version, the use of the texts and illustrations, even in extracts, without the prior written consent of n violates the provisions of copyright law and is therefore illegal. This also applies in particular to all utilisation rights such as reproduction, translation or use in electronic systems. Registered trademarks, trade names and logos are used on our website. Even if these are not labelled as such in the respective places, the corresponding legal provisions apply.

DERTOUR Central Europe GmbH, Humboldtstraße 140-144, 51149 Cologne, Germany, is responsible for data collection and processing, datenschutz@dertour.com responsible.

Handling of personal data

The protection of your privacy is very important to us. We have therefore designed our website in such a way that it can be used anonymously. We use information that we receive and store during your visit to our website exclusively for internal purposes and to improve the design of the website. We only store the IP address transmitted by your web browser for a certain period of time in order to be able to recognise, limit and eliminate faults or errors (e.g. attacks on our servers). At the end of this period, we delete or anonymise the IP address. We only use the IP address strictly for the above-mentioned security purposes. Further information on the processing of the IP address can be found in the „Usage data“ section below.

Usage data/logfiles

When you visit our website, so-called usage data is temporarily stored on our web server as a log for statistical purposes in order to improve the quality of our web pages.

This data set consists of:

• of the page from which the file was requested,
• the name of the file,
• the date and time of the request,
• the amount of data transferred,
• the access status,
• the description of the type of web browser used,
• the IP address of the requesting computer (see above anonymised after the above-mentioned period).

We use this information to enable our website to be accessed, to control and administer our systems and to improve the design of the website. The stored data is anonymised in accordance with applicable legal requirements. The creation of personal user profiles is therefore excluded. Data about persons or their individual behaviour is not collected.

Data recipient

We only transfer your data to third parties (e.g. to service providers such as hoteliers, airlines or credit institutions for payment processing) if we are authorised to do so under data protection law. Your data may also be passed on by us to external service providers (e.g. IT service providers, companies that destroy or archive data, printing service providers) who support us in data processing within the framework of order processing strictly in accordance with instructions.
Data processing may also take place outside the EU or the EEA. As a suitable guarantee for the legality of these data transfers, we have concluded EU standard contracts with the recipients in accordance with Art. 46 para. 2 lit. c GDPR or there are legal exceptions. We will neither sell your personal data to third parties nor market it in any other way.

Use of cookies

Cookies are text files that are stored on the user's hard drive when they visit a website. They are harmless to your computer and cannot be viewed by third parties. They make it possible to store information for a certain period of time and to identify the user's computer.
If you accept our cookies, they will remain on your computer for a period of 30 days unless you delete them beforehand. During an online booking, cookies are temporarily stored for the duration of the booking. These are automatically deleted after 30 minutes of inactivity or after closing the website.
You can object to the collection and storage of your data via this service at any time. If you want to avoid the activation of cookies, deactivate them in your browser. Please note, however, that disabling cookies may restrict the use of the website and the services offered.

Form pages

Our website also offers the opportunity to get in touch with us on a wide range of topics. Examples of this are contact forms. Depending on the background of the contact, various data is requested in the form. Personal details such as title, first name, surname and email address are usually mandatory for the purpose of establishing contact and addressing you personally. 

Market research

Dertour Group GmbH, Humboldtstraße 140-144, D - 51149 Cologne is also responsible for customer surveys/market research. From time to time, Dertour Group GmbH conducts cross-brand customer surveys with the aim of adapting products to customer needs. Dertour Group GmbH receives aggregated results or anonymised responses. The answers are used exclusively for this research. The answers are treated confidentially and are never linked to your customer ID or e-mail address. In order to register participants for a prize draw for a voucher, Dertour Group GmbH may process the survey ID for this purpose. However, the survey ID will be used without the associated answers. 

By participating in the survey, you consent to this processing (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time with effect for the future by sending an email to datenschutz@dertour.com revoked.

Participation in the competition is for the fulfilment of the competition contract (Art. 6 para. 1 lit. b GDPR). We use your first name, surname and email address for this purpose. If this data is not available, participation in the competition is not possible.

Where necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and fulfilment of a contract. In addition, we are subject to various retention and documentation obligations arising from the German Civil Code (BGB), the German Commercial Code (HGB) and the German Fiscal Code (AO), among others.

Retention for 3 years according to §§ 195 ff. BGB

Beginning at the end of the year in which the claim arose and the creditor becomes aware of the circumstances giving rise to the claim and the identity of the debtor or should have become aware of them without gross negligence for the assertion, exercise or defence of legal claims in accordance with Section 199 (1) BGB.

Storage for 6 years

It begins at the end of the calendar year in which the last entry was made in the trading book, the inventory was prepared, the opening balance sheet or the annual financial statements were adopted, the individual financial statements pursuant to Section 325 (2a) or the consolidated financial statements were prepared, the commercial letter was received or sent or the accounting voucher was created in accordance with the statutory retention periods for commercial letters pursuant to Section 257 (5) HGB and begins at the end of the calendar year in which the last entry was made in the trading book, the inventory, opening balance sheet, annual financial statements or management report were prepared, the commercial or management report was prepared or the annual financial statements were adopted. 5 HGB for commercial letters and begins at the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report was prepared, the commercial or business letter was received or sent or the accounting document was created, furthermore the record was made or the other documents were created in accordance with § 147 para. 4 AO for commercial and business letters, other documents, insofar as they are relevant for taxation.

Your data will not be transferred to recipients in a third country to carry out this processing. Insofar as data transfer outside the scope of the EU GDPR is necessary due to our predominantly legitimate interest, this is secured, among other things, by EU standard contractual clauses in accordance with Art. 46 para. 2 lit. c EU GDPR. If necessary, the EU standard contractual clauses are supplemented by further contractual assurances. Information and copies can be obtained via the contact details provided. No profiling or automated decision-making takes place.

Your rights: Data subjects have the right to obtain information from the controller about the personal data concerning them and to have incorrect data corrected or deleted if one of the reasons stated in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued. There is also the right to restriction of processing if one of the conditions specified in Art. 18 GDPR applies and, in the cases of Art. 20 GDPR, the right to data portability. If data is collected on the basis of Art. 6 para. 1 lit. e or lit. f, the data subject has the right to object to the processing at any time for reasons arising from their particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority if he or she considers that the processing of data relating to him or her infringes data protection regulations. The right to lodge a complaint may be exercised in particular with a supervisory authority in the Member State of the data subject's habitual residence or place of the alleged infringement.

Data security

To protect your data from unauthorised access, we use an encryption process on our website. You can recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

Referral and linking to social media networks 

You will find links to social media networks such as LinkedIn on our website. These are not plugins provided by LinkedIn, which transmit data to the provider when the page is loaded without the user having any influence.  

The buttons for the social media networks only contain a link to the social media network including the website to be shared. No user data is transmitted from the website to the social media network.  If you are already logged in to the relevant social media service when you click on the button, this will be recognised in the dialogue for sharing the website so that you can share the content directly. If this is not the case, you will be asked to log in to the social media network. From this point onwards, you will be on the website of the respective social media network. 

Integration of Google Maps

The map service Google Maps is connected to our website via an API. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on Google servers in the USA. This results in the transfer of data to a third country (USA) with an insecure level of data protection.

We use Google Maps on our websites to present our job adverts in an appealing way and to show you the exact location of our sites. This data processing is legitimised with consent in accordance with Art. 6 para. 1 lit. a GDPR. You can find more information on the handling of your data in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

Rights of the data subject

Data subjects have the right to obtain information from the controller about the personal data concerning them and to have incorrect data corrected or deleted if one of the reasons stated in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued. There is also the right to restriction of processing if one of the conditions specified in Art. 18 GDPR applies and, in the cases of Art. 20 GDPR, the right to data portability. If data is collected on the basis of Art. 6 para. 1 lit. e or lit. f, the data subject has the right to object to the processing at any time for reasons arising from their particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority if he or she considers that the processing of data relating to him or her infringes data protection regulations. The right to lodge a complaint may be exercised in particular with a supervisory authority in the Member State of the data subject's habitual residence or place of the alleged infringement.