Last updated: October 2023
1. GENERAL INFORMATION
Koblenz-Touristik appreciates your visit to our website as well as your interest in our offers, products and services. The protection of your personal data (hereinafter: "data") is of utmost importance to us and we want you to feel comfortable and secure when visiting and using our websites. Compliance with the statutory data protection provisions is a matter of course for us.
In principle, it is possible to use our website without providing any of your data. In the following, we explain whether and which information is collected and used on our website during your visit.
2. IDENTITY OF THE CONTROLLER
The controller for data processing in line with Art. 4 No. 7 GDPR (EU General Data Protection Regulation) is
reachable via tel.: +49 (0)261-30388-0, fax: +49 (0)261-30388-11, email: email@example.com.
3. DATA PROTECTION OFFICER
Koblenz-Touristik has effectively appointed a data protection officer at
3rd Mind Business Consulting GmbH
Langer Weg 60
For questions regarding data protection, you can reach Mr. Frank Giebel at: DSB-Service@3rd-mind.de
Please note that if you contact us by standard email, the confidentiality of the information transmitted cannot be guaranteed; this is due to the (technical) nature of email transmission. Therefore, we recommend that you send confidential information by post-letter.
4. PERSONAL DATA
This is any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person (human being) is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Basically, this refers to all direct or indirect information that leads to your identity. This includes, for example, details such as name, address, telephone number, email address, bank account details and credit/debit card details as well as fingerprints, photographs, etc.
5. PROCESSING PURPOSES AND LEGAL BASIS
If you provide us with your data, our use of said data is regularly founded on the contract or pre-contractual negotiations concluded with you on the basis of Art. 6 (1) lit. b GDPR or on your voluntary consent in accordance with Art. 6 (1) lit. a GDPR, e.g. for processing your enquiries, using our web forms or similar.
Furthermore, as a public body, we can based on Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP (Rhineland-Palatinate State Data Protection Act) process your data if this is necessary to fulfill a task in the public interest or in the exercise of official authority delegated to us.
Registration for passenger and hotel ships
If we use web forms, your consent is required for the transmission and processing of the information provided therein. The consent text is available to you directly under the respective form.
Your enquiry is then transmitted to our systems and stored for the purpose of executing a contract or a request for information until the process is completed and/or for the duration of the business relationship. Longer storage only takes place if there are legal obligations to retain data (e.g. from tax law).
Your data entered by yourself are typically:
§ Your first and last name (for identification, reservation, registration, etc.)
§ Your postal address (for sending requested information via post)
§ Your email address (for electronic contact/reservation/registration or sending of information)
§ Your desired booking period; if necessary with information on the number of persons, programme wishes etc. (for coordination and preparation of offers)
- Your enquiry itself (free text)
The special processing purposes, possibilities of revocation/objection as well as additional conditions (including, but not limited to participation requirements) are further specified in the texts below the respective forms, if applicable. Please note these instructions before submitting your data through the respective forms.
Automatically collected data when visiting our websites:
In log files ("server log files"), via search engines and/or forms, data is automatically collected when you use our websites, which your web browser/provider automatically transmits to our provider. When you visit our websites, our web servers temporarily store the following data by default:
- the web pages you visit on our site as well as the date, time and duration of your visit
- the type of browser you use, its version and the operating system you use
- the search engine used, if any
- the names of any files downloaded
- the (anonymised) IP address at the time of access
- the type of device used
- the website from which you visit us ("referrer URL").
Insofar as we evaluate this technical data, this is done anonymously and to ensuring the website's smooth connection setup, ensuring comfortable use of our website, evaluating and improving system security and stability as well as other administrative purposes based on Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP. This data is not merged with other data sources. However, we reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
If we offer a newsletter service on our website and you register for this, we require your email address for delivery. You can provide further information on a voluntary basis. By submitting the data you entered in the newsletter registration form, you agree that we may process this data exclusively for the purpose of sending our newsletter to your specified email address and documenting your consent to this. As a matter of principle, the data will not be passed on to third parties. The processing is founded on Art. 6 (1) lit. a GDPR. You will first receive an automated email containing a link that you must click to activate receipt of the newsletter. In this way, we prevent misuse of your email address and can ensure that you have actually registered yourself. We will not send you any newsletters unless you complete this so-called "double opt-in procedure".
You can withdraw your consent at any time with effect for the future: either via the unsubscribe link in the newsletter or by using the unsubscribe form.
Insofar as we offer online competitions via our website, Participants' data can be processed on the basis of voluntary participation in accordance with Art. 6 (1) lit. a GDPR for the duration of the competition and the sending of the prizes. Upon conclusion of the competitions, the data of the winner/s will be stored in accordance with tax regulations and the data of the non-winners will be deleted.
Use of a destination management system
We use the destination management system "feratel Deskline" of feratel media technologies AG, Maria-Theresien-Straße 8, 6020 Innsbruck, Austria (www.feratel.at) on our website to enable your direct online bookings of, for example, accommodation services and other travel services. Within the framework of this destination management system, feratel media technologies AG processes the data of our institution as well as that of the tourism institutions and supporting offices located in the federal state of Rhineland-Palatinate. You can find the data protection notes and regulations of the destination management system feratel Deskline in the data protection declaration of feratel media technologies AG, which you can view via the link in the booking portal or directly at http://www.feratel.at/rechtliche-hinweise.
For the proper technical functionality of this booking module, the module sets a mandatory technical cookie. Further information on cookies can be found further down in this document.
Data processing may also be necessary on the basis of Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP to establish, assert or defend legal claims in connection with the above-mentioned procedures.
6. RECIPIENTS OR CATEGORIES
We host our websites exclusively in data centres in Germany or the EU.
Your data will not be passed on, sold or otherwise transferred to third parties unless this would be necessary for the purpose of processing a contract or providing a service, or unless you have expressly consented to this.
Furthermore, data is processed on our behalf on the basis of Art. 28 GDPR (order processing), e.g. for external services for the operation of our IT infrastructure.
In addition, data processing and its transmission to state institutions and authorities entitled to receive information only takes place within the framework of the relevant laws or if we are obligated to do so by a judicial ruling (cf. Art. 6 (1) lit. c GDPR in conjunction with § 3 LDSG RP).
7. AUTOMATED DECISION-MAKING/PROFILING
Automated decision-making/profiling or scoring in the sense of Art. 22 GDPR does not take place.
8. CRITERIA FOR RENTENTION PERIOD AND DELETION OF DATA
The retention period of your data depends on the processing purposes (see above) or the statutory retention/limitation and deletion periods. As a rule, they are stored for the duration of the business relationship with us. Longer (access-protected) storage only takes place in accordance with the relevant statutory retention obligations (e.g. for accounting and tax purposes) or for the exercise/defence of legal claims.
As far as your data is no longer required for the aforementioned purposes, including legal retention obligations, it will be deleted within the legal periods.
For technical reasons, data may be duplicated in backup files and mirrors. Such copies will also be deleted with a time delay for technical reasons.
A cookie is a small data package in the form of a text file that is transferred from your device to your browser when you visit a website and is then stored on your computer. Cookies do not regularly cause any damage to your computer, nor do they contain viruses or personal data. Cookies are primarily used to ensure basic technical functions of the website, e.g. navigation or shopping basket and booking functions, as well as to save user information during or after a visit to a website. This includes, for example, language settings for multilingual websites, login status or the point up to which a video was viewed so that it can be played at the same point on the next visit. Furthermore, related technologies with the same function may be included, which, for example, store pseudonymised user details in so-called "user IDs".
Some cookies, especially those from third parties, transfer their content and other information about visitors to the respective locations, among other things, to third countries, which is why your consent is required for this.
This website uses the following cookies:
- Mandatory or "essential" cookies are absolutely necessary for the proper technical operation of a website or for reasons of information security. These cannot be "deselected" to ensure the functionality of this website (e.g. for booking functions via DESKLINE (see above), to store your cookie preferences).
§ Statistics and third-party cookies: No personal data is analysed for the use of MATOMO nor is it transferred to third countries. However, third-party cookies (e.g. for GoogleMaps) require your consent. You give this either via a manual "double-click" solution directly on the element or via our Cookie Consent Box (CCB).
- Cookies for external media: Your consent is required for the integration and display of YouTube videos, for example, because this would regularly require data to be transferred to third countries. Content from video and social media platforms is blocked by default. You give your consent either via a manual "double-click" solution or via our Cookie Consent Box (CCB).
Legal basis for setting cookies
In principle, we do not process any personal data with the help of cookies, unless this would be necessary for a function of this website for the fulfilment of a contract with you, e.g. for bookings (cf. Art. 6 (1) lit. b or 49 (1) lit. b GDPR) or on the basis of your consent (cf. Art. 6 (1) lit. a or 49 (1) lit. a GDPR). In other cases, we process purely technical data without reference to persons on the basis of Art. 6 (1) lit. e GDPR in conjunction with § 3 LDSG RP. These are for the purposes of a properly functioning website, an economic and secure operation of the website and the optimisation of our online offer.
Effective consent of and withdraw of consent to cookies
Before a cookie is set on the legal basis of consent, we ask you for your consent directly at the location of this function by active click or via our "cookie consent box" (CCB). You can withdraw this consent at any time with effect for the future by closing the browser or via our CCB. If this consent is not given, only those cookies that are technically absolutely necessary will be set, the use of which is based on our interest and the interest of users in the expected security and functionality of our website.
Basic settings via your browser
Regardless of the respective legal basis for setting cookies (see above) and the technology used (cookie banner, cookie box), you can define the management of cookies fundamentally via the browser you use; these then apply regularly to all websites in that your browser
- informs you about the setting of cookies,
- allows cookies only in individual cases, excludes cookies for specific cases or in general, or
- automatically deletes cookies from your computer when you close your browser.
To implement this, please follow the instructions in your browser manual.
Cookie block of online services (typically not secure)
Cookie management via our Cookie Consent Box (CCB)
You can give your consent (activation of cookies) and withdraw of your given consent (de-activation of cookies) elegantly via our "cookie consent box", which automatically appears on your screen when you first visit our website. You can access the "cookie consent box" at any time by clicking on the corresponding (moving) symbol on the side. Deactivation (withdraw) is just as simple as activation (consent): by setting or deselecting the corresponding tick. Exceptions are, as already mentioned, the technically necessary ("essential") cookies for the proper and secure functioning of our website (see above).
Please note that the deactivation of cookies may lead to the restriction of certain functions of our website.
10. USE OF MATOMO
As part of our internet service and in order to further improve our website for you and to adapt it even more to the needs of the users, we use the open source tool "Matomo" for the statistical evaluation of website use (for further information, please visit: https://www.matomo.org). The information obtained in this way is not passed on to third parties.
Matomo is configured so that no personal data is processed (e.g. no user IDs, user tracking) and no cookies are set. There is also no "device fingerprinting", i.e. your input device cannot be recognised. Anonymisation takes place immediately after processing the IP address and before it is stored on our web server. This is done by shortening the IP address by the last octets in accordance with the resolutions of the Data Protection Conference of the Federal and State Data Protection Authorities (DPC) of Germany. This means that you as the user always remain anonymous.
The anonymous statistical data includes, for example:
- browser type and version
- operating system used
- device type, model and brand
- screen resolution
- search engine used
- the websites visited, including the time spent on them
- search terms and keywords, if applicable
- day and time of the visit
- location of the visit (continent, country, region, city)
- browser language.
- The number of visitors to each individual web page,
- The internet provider used.
12. USE OF GOOGLE WEB FONTS
This website uses so-called "web fonts" from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for the uniform display of fonts. When you call up a page, your browser automatically loads the required fonts into its browser cache. We regularly keep these fonts locally on our servers, i.e. no connection needs to be established with the transmission of your IP address to the Google servers.
However, it cannot be completely ruled out that your browser will nevertheless establish a connection to Google servers for these or other purposes, which will ultimately make Google aware that our website was accessed via the IP address you used.
If your browser does not support web fonts, a standard font will be used by your computer.
13. INTEGRATION OF YOUTUBE VIDEOS
We integrate videos from YouTube (belonging to Google, see above) into our online offer via corresponding plug-ins on the basis of your consent in accordance with Art. 6 (1) lit. a GDPR, This data transfer to a third country is legitimised by an Adequacy Decision oft he EU-Commission in conjunction with the EU-US-Data Privacy-Framework (DPF), the US-american company is according the U.S. Department of Commerce pursuant certified (pls. refer to https://www.dataprivacyframework.gov/s/data-protection-authorities). The video-clips are regularly stored on www.youtube.com and can or will be played directly from our website. These are primarily integrated in "extended data protection mode", i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the following paragraph be transferred. We have no influence on this data transmission.
You give your consent by using the so-called "double-click" solution, i.e. as long as you do not click on a YouTube video marked accordingly, it will neither be played nor will data be transmitted to the YouTube servers. Only when you explicitly click on the video (again) does the streaming service start. A connection is then established to the YouTube servers in the USA and YouTube receives the information that you have accessed this corresponding sub-page of our website. This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to YouTube / Google, your data will be directly assigned to your account. If you do not want your data to be associated with your YouTube profile, you must log out of your account before activating the video. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or designing its website in line with requirements. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and to exercise this right you must contact YouTube or Google.
14. CHILDREN & YOUTH
As a matter of principle, persons under the age of 18 should only transmit their personal data on the Internet with the consent of their parents or legal guardians. We neither request such information from children and young people, nor do we collect it, and we certainly do not pass it on to third parties.
15. TECHNICAL DATA PRIVACY (IT-SECURITY)
We have taken technical and organisational security measures to protect your data from data-loss, destruction, manipulation and unauthorised access and in particular to maintain confidentiality, availability and (data) integrity, e.g. by storing it in data centres only in Germany or the EU. All employees and all persons involved in data processing (including those of commissioned service providers) have been obligated by us to maintain confidentiality, to comply with data protection regulations and to handle personal data with care.
To protect security during transmission, we encrypt your data with Secure Socket Layer (SSL) or the newer standard TLS (Transport Layer Security) where possible. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and a lock symbol is displayed in the address line of the browser.
Our security measures are continuously adapted in line with technological developments.
16. YOUR RIGHTS AS A DATA SUBJECT
As a data subject, authorised or otherwise entitled person, you have the possibility to assert the following rights against us at any time in writing or by e-mail, provided that there are no contractual or legal provisions to the contrary or the processing is necessary for other reasons.
To do so, please use the contact options at the beginning of this document.
Right to access: You can obtain information about your personal data stored by us at any time. Please only submit requests for information in writing (letter) or in text form (email). For data protection reasons and due to the lack of qualified identification possibilities, no information will be provided by telephone.
Right to rectification: If we process personal data directly from you and you discover incorrect information or a need to update it, you are welcome to inform us of this for correction purposes. In the case of significant changes, please enclose appropriate supporting documents with your application (e.g. in the case of name changes due to marriage or similar).
Right to erasure: You have the right to request the erasure of your personal data from us at any time. Please note that we are legally obligated to retain certain data in accordance with statutory retention obligations. We will then inform you of these data categories.
Right to restriction: You can request to restrict the processing of your personal data at any time.
Right to data portability (data export): As you do not usually provide us with personal data via our websites, we cannot offer you a classic data export function for this purpose. In any case, we will examine your request in accordance with the legal provisions and technical feasibility and contact you immediately regarding implementation.
Right of objection/withdrawal: You can object to the processing of your personal data by us at any time or revoke any consent you have given with effect for the future.
Right to complain to the supervisory authorities: You have the right to lodge a complaint with your competent state data protection supervisory authority if you believe that our processing of personal data concerning you violates the GDPR (General Data Protection Regulation). You can find the address on the website of the Federal Commissioner for Data Protection and Freedom of Information in Berlin (BfDI).
17. COMPETENT DATA PROTECTION SUPERVISORY AUTHORITY
The following supervisory authority is responsible for Koblenz-Touristik GmbH:
The State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate
Hintere Bleiche 34
18. LINKS TO OTHER WEBSITES
If you use links to external websites that are offered as part of our website, our data protection information does not extend to these external websites.
At the time the link was set up, we were able to satisfy ourselves as to the correctness of the linked website(s) in terms of content and security, and we check this regularly. However, we have no influence on the further compliance with data protection and security regulations of other providers or changes in content.
If you click on links to external websites displayed on our website, these external websites may collect user data if you click on these links or otherwise follow the instructions of these external websites, in particular if you are logged in to other platforms or similar. We have no control over the data that is collected voluntarily or involuntarily via advertisements or third-party websites. Therefore, please also inform yourself on the websites of the other providers about the data protection declarations provided there for your safety.
If you become aware of an "unsafe" link originating from our applications, please inform us immediately so that we can investigate the matter. Thank you.
If the legal situation or technical developments make it necessary, we reserve the right to change our security and data protection measures accordingly. In such cases, we will also adapt this document.
Please therefore note the current version at the beginning of this document.
20. FURTHER INFORMATION