With this data protection declaration, we inform you about the processing of your personal data by us and about the rights to which you are entitled when booking a travel service.
(Status: December 2023)
The following company is responsible for data collection and processing:
DER Deutsches Reisebüro GmbH & Co. OHG
Data protection
Emil-von-Behring-Str. 6
60439 Frankfurt
E-Mail: datenschutz@dertouristik.com
We process data that we receive as part of our contractual relationship with you or on the basis of your consent. We receive the data directly from you, e.g. as part of the travel booking or other order placement, e.g. via a travel agent, advertising co-operation partner.
If you provide us with the personal data of other persons (e.g. fellow travellers) as a travel applicant, you must ensure that they agree to this and that you are permitted to transmit the data. You must ensure that these persons know how their personal data can be processed by us and what rights they have.
Where necessary, we process the following categories of data:
We process your data to prepare offers and execute our contracts with you, i.e. in particular to arrange travel services, including complaint and complaint management (agency contract) by us or by authorised third parties. Further purposes are
We are subject to various legal obligations and statutory requirements (e.g. German Civil Code (BGB), EU travel law, German Commercial Code (HGB), GoB, Passenger Name Record Act, tax laws of the Federal Republic of Germany). Your data may be processed by us or authorised third parties for the purposes of identity and age verification, the prevention of criminal offences (e.g. fraud), the fulfilment of tax law/official control and reporting obligations, the assessment and management of risks as well as financial and tax law retention.
In order to protect the vital interests of you or another natural person, e.g. to be able to provide emergency services with an evacuation list in emergency situations, your data may be processed by us or authorised third parties.
Your data may be processed by us or by authorised third parties as part of a balancing of interests to protect legitimate interests. This is done for the following purposes:
Our interest in the respective processing results from the respective purposes (profit generation, avoidance of legal risks, assertion, exercise or defence of legal claims, provision and security of our business operations, efficient task fulfilment, process optimisation).
As far as the specific purpose allows, we process your data pseudonymised.
If you have given us your consent to process your personal data, this consent is the legal basis for the processing mentioned there. In particular, you may have consented to being contacted for advertising purposes by email, post, telephone or messenger service. You can revoke your consent at any time with effect for the future. To do so, please contact us at our contact address. The cancellation only applies to future processing, not to processing that has already taken place.
Separate consents can be granted for the following services:
You have the option of registering for our free newsletter on some of our websites. The newsletter contains current offers on travel services, attractive specials and competitions. If you subscribe to the newsletter, we will process the data listed below. We only process this data to the extent that it is actually collected by us.
We work together with empaction GmbH, Marktstraße 33-35, 60388 Frankfurt am Main, Germany, to send newsletters. For these purposes, empaction stores your e-mail address and the date of registration. A corresponding order processing contract has been concluded.
You can unsubscribe from the newsletter at any time with effect for the future. You can do this by contacting us directly and using the "Unsubscribe from newsletter" link contained in every newsletter or, if applicable, via a link in the email for existing customer emails, without incurring any costs other than the transmission costs according to the basic rates. Your data will be blocked for advertising purposes. Your data will be deleted when priority retention periods have expired.
Your personal data will only be passed on in compliance with the provisions of the EU GDPR and only insofar as a legal basis permits this. Your data will only be received by those bodies that need it to fulfil our contractual and legal obligations or to fulfil their respective tasks, e.g.
Where necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and fulfilment of a contract. In addition, we are subject to various retention and documentation obligations arising from the German Civil Code (BGB) and EU travel law, the German Commercial Code (HGB) and the German Fiscal Code (AO), among others.
in the case of other claims for damages pursuant to Section 199 (3) BGB after ten years from the time they arise
Processing for advertising purposes can be objected to free of charge at any time upon informal request in accordance with Art. 21 EU GDPR; in this case, the data will be blocked for advertising purposes. Your data will be deleted when priority retention periods have expired.
Your personal data will be deleted on the basis of your consent as soon as the purpose has been fulfilled or until revocation and when priority retention periods have expired.
We only transfer your data to recipients outside the scope of the EU GDPR and if there is neither an adequacy decision pursuant to Article 45(3) nor suitable guarantees pursuant to Article 46, including binding internal data protection regulations, insofar as the transfer is necessary:
These data processing operations are permissible derogations from Art. 49 EU GDPR.
If a data transfer outside the scope of the EU GDPR is necessary due to our predominantly legitimate interest or if you have given us your consent, this is secured, among other things, by EU standard contractual clauses in accordance with Art. 46 para. 2 lit. c EU GDPR. If necessary, the EU standard contractual clauses are supplemented by further contractual assurances. You can obtain information on this via the contact details provided.
You have the right to information (Art. 15 EU GDPR, Section 34 BDSG), to rectification (Art. 16 EU GDPR), to erasure (Art. 17 EU GDPR, Section 35 BDSG), to restriction of processing (Art. 18 EU GDPR) and to data portability (Art. 20 EU GDPR) under the respective legal requirements.
You also have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) of the GDPR pursuant to Article 21 of the GDPR. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 EU GDPR. If a justified objection is made, we will no longer process this personal data for these purposes. An objection can be made informally to our contact address. You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 EU GDPR, Section 19 BDSG).
You can find a current list of the responsible supervisory authorities at www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
As part of our business relationship, you only need to provide the personal data that is required for the establishment, execution and termination of a business relationship or that we are legally obliged to collect. Without this data, we will generally have to refuse to conclude the contract or execute the order or will no longer be able to fulfil an existing contract and may have to terminate it.
In principle, we do not use automated decision-making in accordance with Art. 22 EU GDPR to establish and conduct the business relationship. If we use these procedures in individual cases, you will be informed separately if this is required by law.
We use and store information that we receive during your visit to our website for security purposes and to improve the functionality of the website.
This data set consists of:
We use this information to enable you to access our website, to control and administer our systems and to improve the design and function of the website.
We only store the IP address transmitted by your web browser, including the above-mentioned data record, for a period of time in order to be able to recognise, limit and eliminate faults or errors (e.g. attacks on our servers). Storage ends after one month at the latest. After this period, we delete or anonymise the IP address.
This is done on the basis of our predominantly legitimate interest in the security and functionality of our website § 25 para. 2 no. 2 TTDSG in conjunction with. Art. 6 para. 1 lit. f GDPR.
If you have any questions about data protection, please contact:
DERPART Travel Sales GmbH
Data protection
Emil-von-Behring-Str. 6
60439 Frankfurt
E-Mail: datenschutz@dertouristik.com
As a user, you can decide for yourself on the use of cookie-based services/technologies and the data collection by these on our portal and adjust or revoke them at any time with effect for the future. This is possible via an information and consent banner, which is displayed on first visits and when changing services, as well as via the cookie settings, which can be accessed at any time via a link at the bottom of each page. As part of a GDPR-compliant approach, we only use services requiring consent after you have given your prior consent. You can also use our website without this consent.
We use a so-called Consent Management System from Usercentrics, GmbH, Rosental 4, 80331 Munich, Germany, to provide this setting and consent function within the meaning of the GDPR and to inform you about the use of cookie-based technologies. In addition, this system is used to document your decisions for your browser, which enables us to fulfil the data protection requirements of the documentation and verification obligation.
Usercentrics uses cookies and records the date and time of the visit, browser and device information, the anonymised IP address and opt-in and opt-out data exclusively to store your consent and to comply with legal obligations on the legal basis of Section 25 (2) No. 2 TTDSG in conjunction with Art. 6 (1) (c) GDPR. GDPR Art. 6 (1) (c). The data processing takes place within the European Union.
Your data will be stored for 3 years in accordance with section 5 of the retention period of 3 years pursuant to §§ 195 ff. BGB.
Further information on the data protection provisions of the data processor can be found at https://usercentrics.com/de/datenschutzerklaerung/
As a user, you have other, alternative ways such as browser extensions, settings, adblockers or opt-out links of individual tools to prevent the setting of cookies or data collection by services. We would like to point out that these methods are not equivalent to the use of a consent / consent management system.
Browser extensions, settings and adblockers can prevent cookies and, where applicable, data collection by services. However, you cannot always decide for yourself what you want to allow or prevent. It is possible that your decisions made via the consent management system may be overridden or even prevent the necessary use of the consent management system. In addition, extensions and adblockers can cause unexpected problems with the basic functions of the portal.
Many marketing services provide their own opt-out options via opt-out links or cookies. We list these in the privacy policy, if available. The opt-out often applies to the basic portal-independent use of the service, but only takes place subsequently and on a page of the provider, independent of the consent management of our portal. Opt-out cookies are often set, which in turn can be cancelled by the cookie settings of your browser or by deleting cookies.
If you use the alternative methods mentioned, it is not possible for us to document your settings and decisions.
When you visit our website, information may be stored on your computer in the form of cookies, for example to recognise visitor preferences and optimise the design of the website accordingly. This helps us, for example, to make navigation easier and to achieve a high level of user-friendliness. Cookies that are not technically necessary are only set if you have actively consented to this.
Cookies are text files that are stored on the user's hard drive when they visit a website. They are harmless to your computer and cannot be viewed by third parties. They make it possible to store information for a certain period of time and to identify the user's computer.
If you accept our cookies, they will remain on your computer for a period of 30 days unless you delete them beforehand. During an online booking, cookies are temporarily stored for the duration of the booking. These are automatically deleted after 30 minutes of inactivity or after closing the website.
You can object to the collection and storage of your data via this service at any time. If you wish to avoid the activation of cookies, deactivate them in your browser. Please note, however, that disabling cookies may restrict the use of the website and the services offered.
Subject to your consent, this website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Analytics uses cookies, which are stored on your computer and enable your use of this website to be analysed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
We would like to point out that on this website Google Analytics has been extended by the code "gat._anonymizeIp();" in order to ensure anonymised collection of IP addresses (so-called IP masking). If IP anonymisation is activated on our websites, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand.
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information to analyse your use of our website, to compile reports on website activity for us and to provide us with other services relating to website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. A transfer of this data by Google to third parties only takes place on the basis of legal regulations or in the context of order data processing. Under no circumstances will Google combine your data with other data collected by Google.
We only use this cookie-based service on our portal with your prior consent, on the legal basis of Section 25 (2) no. 2 TTDSG in conjunction with Art. 6 (1) sentence 1 lit. a GDPR (consent for the data processing based on this). Art. 6 para. 1 sentence 1 lit. a) GDPR (consent for the data processing based on this). You can give this consent in our Consent Management System either on your first visit to the portal via the consent banner or at any time in the cookie settings, which can be accessed via a link at the bottom of every page of the portal, and adjust or revoke it with effect for the future. Your choice is documented for your browser, which means that we fulfil the data protection requirements of the documentation obligation.
You can also prevent the collection and processing by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. Please note that when using this option, it is not possible to document your decision and your settings may conflict with your decisions in the Consent Management System.
Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html or under https://www.google.de/intl/de/policies/.
You will find links to social media networks on our website. These are not plugins provided by the provider, which already transmit data to the provider when the page is loaded without the user having any influence. The integrated logos of the social media networks merely conceal a link to the social media network.
The way in which the operators of the social networks use the data from visits to the respective pages for their own purposes, the extent to which activities on the pages are assigned to individual users, how long this data is stored and whether data from a visit to the respective page is passed on to third parties is not conclusively and clearly stated by the operators and is not known to us.
Link to XING
We link to the XING network via a logo graphic. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. When you click on the logo graphic, your browser establishes a direct connection to the XING servers. Further information on data protection can be found in the Privacy policy of Xing.
Link to LinkedIn
We link to the LinkedIn network via a logo graphic. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. When you click on the logo graphic, your browser establishes a direct connection to the LinkedIn servers. Further information on data protection can be found in the LinkedIn privacy policy.
Our website uses plugins from the YouTube website operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
Such integration takes place exclusively in YouTube's extended data protection mode (more information at https://support.google.com/youtube/answer/171780?hl=de), which does not use cookies. As long as there is no interaction with the video, no data is collected by the service. If a user clicks on an embedded YouTube video, data collection and further data processing for analysis purposes is carried out by Google LLC and its affiliated companies. The extended data protection mode prevents YouTube from connecting to Google's DoubleClick advertising network. When videos are played, the service collects browser and device settings, IP address, browser ID, date, time and reference URL of the request to play the video, name of the video and playback duration as well as system activities and crash reports for the purposes of providing, maintaining and improving the services and measuring performance.
If you have a Google account and are logged into it at the time you use a video, the usage data may be merged with your profile data. This depends on the data protection settings you have made in your account.
If you have a YouTube account and are logged in, YouTube will be able to assign your user behaviour to your personal profile. You can prevent this by logging out of your YouTube account. The information is usually transferred to Google servers in the USA and stored there.
As the website operator, we have no influence on these processes. You can find Google's privacy policy and terms of use here:
https://policies.google.com/privacy?hl=de&gl=de
We use YouTube on our websites to display and present our offers in an appealing way.
This data processing may also take place outside the EU or the EEA. As a suitable guarantee for the legality of these data transfers, we have concluded EU standard contracts with the processor in accordance with Art. 46 para. 2 lit. c GDPR.
Nevertheless, there is a risk that state authorities may access this data for control and monitoring purposes and that no effective legal remedies are available against this.
The service will only be used with your prior consent. You can give this consent via our Consent Management System either on your first visit to the portal via the consent banner or via the layer that is displayed above a YouTube integration without consent. In addition, you can give your consent at any time via the cookie settings, which can be accessed via a link at the bottom of every page of the portal, and adjust or revoke your consent with effect for the future. Your choice is documented for your browser, which means that we fulfil the data protection requirements of the documentation obligation.
The Google Maps map service is integrated into our website via an API. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to and stored on Google servers in the USA. As the provider of this site, we have no influence on data transmission.
We use Google Maps on our website to present our offers in an appealing way and to show you the exact location of our products and travel agencies.
The use is based on the legal basis § 25 para. 1 TTDSG (consent for the setting or reading of cookies) i.V.m. Art. 6 para. 1 sentence 1 lit. a) GDPR (consent for the data processing based on this). You can revoke your consent with effect for the future at any time in the cookie settings in the footer of the website.
Further information on the handling of your data can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/
This data processing may also take place outside the EU/EEA. The level of data protection may not be comparable to that in the EU/EEA. If data is transferred outside the scope of the EU GDPR when using processors, this is secured, among other things, by EU standard contractual clauses in accordance with Art. 46 para. 2 lit. c EU GDPR. Where necessary and possible, the EU standard contractual clauses are supplemented by further contractual assurances. There is nevertheless a risk that state authorities may access this data for control and monitoring purposes and that no effective legal remedies are available against this.
To protect your data from unauthorised access, we use an encryption process on our website. Your data is then transmitted from your computer to our server and vice versa via the Internet using TLS 1.2 encryption. You can recognise this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
