Privacy Policy
This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) within our online offer and the related websites, features, and content, as well as external online presences, such as our social media profiles (collectively referred to as “online offer”). For terminology used, such as “processing” or “controller,” please refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Controller
Sven Jungnickel
Auenstraße 9
85737 Ismaning
Small business according to § 19 UStG / Tax ID 145/107/31310
Represented by:
Sven Jungnickel
Contact:
Email: webmaster@traumziel-sardinien.com
Responsible for content according to § 55 Abs. 2 RStV:
Sven Jungnickel
Auenstraße 9
85737 Ismaning
Types of Data Processed:
– Master data (e.g., names, addresses)
– Contact data (e.g., email, phone numbers)
– Content data (e.g., text entries, photographs, videos)
– Usage data (e.g., websites visited, interest in content, access times)
– Meta/communication data (e.g., device information, IP addresses)
Categories of Data Subjects
Visitors and users of the online offer (hereinafter collectively referred to as “users”).
Purpose of Processing
– Provision of the online offer, its features, and content.
– Response to contact requests and communication with users.
– Security measures.
– Audience measurement/marketing.
Terminology
“Personal data” means any information relating to an identified or identifiable natural person (the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier (e.g., cookie), or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.
“Processing” means any operation or set of operations performed on personal data, with or without automated processes. The term is broad and covers practically any handling of data.
“Pseudonymization” refers to processing personal data so that the data can no longer be assigned to a specific data subject without additional information, provided this additional information is stored separately and subject to technical and organizational measures that prevent identification.
“Profiling” means any form of automated processing of personal data that involves the use of such data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning that person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
“Controller” means the natural or legal person, authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, authority, agency, or other body that processes personal data on behalf of the controller.
Legal Basis
In accordance with Art. 13 GDPR, we inform you about the legal bases of our data processing activities. Unless the legal basis is stated in this Privacy Policy, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR; the legal basis for processing to fulfill our services and carry out contractual measures, as well as responding to inquiries, is Art. 6(1)(b) GDPR; the legal basis for processing to fulfill our legal obligations is Art. 6(1)(c) GDPR; and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) GDPR. In cases where the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.
Security Measures
We take appropriate technical and organizational measures, in accordance with Art. 32 GDPR, to ensure a level of security appropriate to the risk. Measures include securing data confidentiality, integrity, and availability by controlling physical access to data and access, input, transmission, availability, and separation. We also have procedures in place to ensure the exercise of data subjects’ rights, deletion of data, and response to data threats. We consider the protection of personal data in the development or selection of hardware, software, and procedures in line with data protection by design and by default (Art. 25 GDPR).
Collaboration with Processors and Third Parties
If, in the context of our processing, we disclose data to other persons or companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this will only take place on the basis of a legal permission (e.g., when a transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract according to Art. 6(1)(b) GDPR), your consent, a legal obligation, or on the basis of our legitimate interests (e.g., in the use of agents, web hosts, etc.). Where we commission third parties to process data based on a so-called “processing agreement,” this is done on the basis of Art. 28 GDPR.
Data Transfers to Third Countries
If we process data in a third country (i.e., outside the EU or EEA) or do so through the use of services from third parties or disclosure, or transfer of data to third parties, this only occurs if it is necessary for the fulfillment of our (pre-)contractual obligations, based on your consent, due to a legal obligation, or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow data to be processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means that the processing is based on special safeguards, such as the officially recognized determination of an adequate level of data protection (e.g., the “Privacy Shield” for the USA) or compliance with officially recognized special contractual obligations (so-called “Standard Contractual Clauses”).
Rights of Data Subjects
You have the right to request confirmation as to whether data concerning you is processed and to access information about this data, as well as to further information and copies of the data in accordance with Art. 15 GDPR. You have the right under Art. 16 GDPR to request the completion of data or the rectification of incorrect data concerning you. You have the right under Art. 17 GDPR to request the immediate deletion of relevant data, or alternatively, the restriction of processing of the data in accordance with Art. 18 GDPR. You have the right to request to receive data that you have provided to us under Art. 20 GDPR and to request their transfer to other controllers. You also have the right to file a complaint with the relevant supervisory authority according to Art. 77 GDPR.
Right to Withdraw Consent
You have the right to withdraw your given consent at any time with effect for the future under Art. 7(3) GDPR.
Right to Object
You may object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. The objection may in particular be directed against processing for direct marketing purposes.
Cookies and Right to Object to Direct Advertising
“Cookies” refer to small files stored on users’ computers. Various types of information may be stored within cookies, which are primarily used to retain data about a user (or the device on which the cookie is stored) during or after a visit to an online service. Temporary cookies, also known as “session cookies” or “transient cookies,” are deleted after a user leaves the online service and closes their browser. These may store information such as the contents of a shopping cart or login status in an online shop. “Permanent” or “persistent” cookies, on the other hand, remain stored even after the browser is closed. For instance, the login status may be saved, allowing users to return to the website without logging in each time. Additionally, such cookies may store information about user interests for audience measurement or marketing purposes. “Third-party cookies” are cookies provided by parties other than the controller operating the online service (otherwise, they are referred to as “first-party cookies”).
We may use both temporary and permanent cookies, and we provide details about them in this Privacy Policy.
If users do not wish to have cookies stored on their computer, they are asked to disable the corresponding option in their browser’s system settings. Saved cookies may be deleted in the browser’s system settings. Disabling cookies may lead to limited functionality of this online service.
Users may object to the use of cookies for online marketing purposes, especially in the case of tracking, on many services through the U.S. website http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com. Additionally, the storage of cookies may be prevented by disabling them in the browser settings. Please note that disabling cookies may limit the functionality of this online service.
Data Deletion
We delete processed data in accordance with Articles 17 and 18 of the GDPR or restrict its processing. Unless explicitly stated in this Privacy Policy, stored data will be deleted when it is no longer needed for its intended purpose, provided that no legal storage obligations apply. If data cannot be deleted due to legal requirements, its processing will be restricted. This means the data will be locked and not used for other purposes. This applies, for example, to data that must be retained for commercial or tax-related reasons.
In accordance with German regulations, records must be retained for ten years according to Sections 147(1) AO, 257(1) Nos. 1 and 4, and 257(4) HGB (e.g., books, records, management reports, accounting documents, commercial books, documents relevant for taxation) and for six years under Section 257(1) Nos. 2 and 3, and Section 257(4) HGB (commercial correspondence).
Participation in Affiliate Programs
Within our online offerings, we use standard tracking measures based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online services) in accordance with Article 6(1)(f) GDPR, to the extent that such tracking is necessary for the operation of the affiliate system. We inform users below about the technical background.
Services offered by our contractual partners may also be advertised and linked on other websites (so-called affiliate links or post-purchase systems, such as when links or services from third parties are offered after a transaction is completed). The operators of the respective websites receive a commission if users follow affiliate links and subsequently use the offers.
In summary, it is necessary for our online offerings to be able to track whether users interested in affiliate links and/or the offers available through us, later engage with the offers prompted by the affiliate links or our online platform. To this end, affiliate links and our offers are supplemented with specific identifiers, which may be a part of the link or set in another way, e.g., in a cookie. These identifiers include, in particular, the originating website (referrer), time, an online identifier for the website operator where the affiliate link was located, an online identifier for the respective offer, an online identifier for the user, as well as tracking-specific values such as advertisement ID, partner ID, and categorizations.
The online identifiers we use for users are pseudonymized values, meaning they do not contain personal data, such as names or email addresses. These identifiers simply help us determine if the same user who clicked on an affiliate link or showed interest in an offer on our online platform actually used the offer, such as by entering into a contract with the provider. However, the online identifier is considered personal data to the extent that the partner company and we hold the online identifier along with other user data. Only in this way can the partner company inform us if the user utilized the offer so that we, for example, can issue a bonus.
Amazon Affiliate Program
We participate in Amazon EU’s affiliate program based on our legitimate interests (i.e., interest in the economic operation of our online offerings within the meaning of Article 6(1)(f) GDPR). This program is designed to provide a medium for websites to earn advertising fees by placing advertisements and links to Amazon.de (affiliate system). As an Amazon partner, we earn from qualifying purchases.
Amazon uses cookies to track the origin of orders. For example, Amazon can recognize that a partner link on this website was clicked, and a purchase was subsequently made on Amazon.
For more information on data use by Amazon and options for opting out, please see Amazon’s privacy policy: [Amazon Privacy Policy](https://www.amazon.de/gp/help/customer/display.html?nodeId=201909010).
Note: Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.
Booking.com Affiliate Program
We participate in the Booking.com affiliate program based on our legitimate interests (i.e., interest in the economic operation of our online offerings in the sense of Article 6(1)(f) GDPR). This program is designed to provide a platform for websites to earn advertising fees by placing advertisements and links to Booking.com (affiliate system). Booking.com uses cookies to track the origin of bookings. For example, Booking.com can identify if you clicked on an affiliate link on this website and subsequently made a booking on Booking.com.
For more information on data use by Booking.com and options to object, please see the company’s privacy policy: [Booking.com Privacy Policy](https://www.booking.com/content/privacy.de.html).
Awin Affiliate Program
We also participate in Awin Group’s affiliate program based on our legitimate interests (i.e., interest in the economic operation of our online offerings in the sense of Article 6(1)(f) GDPR). This program allows websites to earn advertising fees by placing advertisements and links to Awin (affiliate system). Awin uses cookies to track the origin of transactions. For example, Awin can recognize if you clicked on an affiliate link on this website and subsequently completed a transaction via Awin.
For more information on data use by Awin and options to object, please see Awin’s privacy policy: [Awin Privacy Policy](https://www.awin.com/de/datenschutzerklarung).
Contact
When contacting us (e.g., via contact form, email, telephone, or social media), the user’s information will be processed to handle the contact request and its management in accordance with Article 6(1)(b) GDPR (within the framework of contractual/pre-contractual relationships) and Article 6(1)(f) GDPR (other inquiries). User information may be stored in a Customer Relationship Management System (“CRM System”) or similar organization of inquiries.
We delete requests if they are no longer necessary. We check the necessity every two years; statutory archiving obligations also apply.
Google AdSense with Personalized Ads
Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering within the meaning of Article 6(1)(f) GDPR), we use services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
Google is certified under the Privacy Shield agreement, which provides a guarantee to comply with European data protection law ([Privacy Shield Certification](https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)).
We use AdSense, which displays ads on our website, allowing us to earn remuneration for their display or other usage. User data, such as clicks on ads and the IP address, is processed for this purpose, whereby the IP address is shortened by the last two digits. Therefore, data processing of user data is pseudonymized.
We use AdSense with personalized ads. Google draws conclusions about users’ interests based on websites or apps visited, creating user profiles. Advertisers use this information to tailor campaigns to users’ interests, which benefits both users and advertisers. For Google, ads are personalized if collected or known data determine or influence ad selection. This includes past searches, activities, website visits, app usage, demographic, and location information. Specific aspects include demographic targeting, interest category targeting, remarketing, and targeting based on customer match lists and audience lists uploaded to DoubleClick Bid Manager or Campaign Manager.
For more information on data use by Google, settings, and opt-out options, please see the [Google Privacy Policy](https://policies.google.com/technologies/ads) and [Google Ad Settings](https://adssettings.google.com/authenticated).
Google AdSense with Non-Personalized Ads
We use AdSense with non-personalized ads based on our legitimate interests (Article 6(1)(f) GDPR). Non-personalized ads are not based on user profiles and rely solely on context, such as broad (e.g., city-level) geographic targeting based on the user’s current location, the website’s content, or recent search terms. Google does not conduct personalized targeting, such as demographic or user list-based targeting, for non-personalized ads.
For more details on data usage by Google, settings, and opt-out options, see the [Google Privacy Policy](https://policies.google.com/technologies/ads) and [Google Ad Settings](https://adssettings.google.com/authenticated).
Use of Ezoic
This website uses Ezoic, a service provided by Ezoic Inc., 5870 El Camino Real, Carlsbad, California 92008, United States.
Ezoic is a Google-certified service that offers personalization and analytics on this website. Ezoic’s privacy policy for this website, along with information on data usage and cookies used by Ezoic, can be found at the following link: [Ezoic Privacy Policy](https://g.ezoic.net/privacy/traumziel-sardinien.com).
Generated with the Privacy Policy Generator by RA Dr. Thomas Schwenke
Translated from German with ChatGPT.com