We care about protecting your data
We are delighted that you are interested in our company and our products and services, and we hope that you can browse our website with confidence – and that includes issues relating to the privacy of your personal data. Because we take protecting your personal data extremely seriously. Compliance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) is extremely important to us.
We wish to explain when we collect your data, which data we collect, and how we use them. We have implemented technical and organisational measures to ensure that the regulations on data privacy and data security are met, both by ourselves and by our external service providers.
(1) Information about the collection and storing of personal data
The following section explains how we collect and store personal data when users visit our website. Personal data are all data relating to your identity or which can be used to identify you personally, including your name, address, email addresses, user behaviour and IP address.
Each time you visit our website, for technical reasons your browser automatically sends the data listed below to our web server. These data are stored solely for statistical and technical purposes, in order (for example) to evaluate the frequency of visits to this site or to identify interruptions in the server.
The following data are logged and evaluated:
- Request (name of the requested file)
- Browser type and browser version
- Operating system used
- Referrer URL, i.e. the website from which you accessed our website
- IP address
- Data and time of your visit
- The pages visited within our website
- Any content entered in forms
Other personal data, such as your name, home address, email address, date of birth or data relating to transactions, are only collected if you enter these data yourself. One way to provide us with these data on our website is via the contact form.
Contacting us by email and via the contact form
If you contact us by email or via a contact form, we will store the data you disclose to use (your email address, and possibly your name and your telephone number) in order to respond to your queries. We will erase the data involved in this situation once it is no longer necessary to store them, or we will restrict their processing if legal retention periods apply.
People under the age of 18 should not send any personal data to us without the consent of their parents or legal guardians. We will not request any personal data from children or adolescents, nor will we collect these data or disclose them to third parties.
(2) Intended purpose of collecting and processing personal data
Generally speaking, we will use the personal data you send to us in order to respond to your queries, to process your orders and to give you access to specific information and offers. In the interests of maintaining customer relationships, it may also be necessary for us (or a service provider commissioned by us) to use these personal data to inform you of products that may be useful for your business activities, or to conduct online surveys so that we can respond better to the challenges and requirements of our customers.
Only those TOUR LOUNGE members of staff who require access to these data in order to fulfil our contractual, legal and supervisory obligations and to pursue our legitimate interests will have this access. We also use selected processing companies to implement the technical and organisational aspects of our website. All processing companies are contractually required to treat your personal data confidentially and to only process them in order to provide the services we have commissioned from them.
If you do not wish to send us your personal data in order to maintain our customer relationship (in particular for direct marketing or market research purposes), we will of course respect your wish. We will not send your personal data to third parties, nor will we market them in any other way.
We will only collect, process and use the personal data you provide to us online for the purposes we have outlined to you. We will not disclose your personal data to third parties without your necessary consent.
Logging email correspondence
We store log data from email correspondence in order to ensure appropriate information and system security and to detect malware. If you send an email to any of our addresses, the following data are logged: email and IP address of the recipient and sender, number of recipients, subject, date and time the email was received on the server, file name of any attachments, size of message, risk classification for spam and delivery status. Initially, emails are checked using automated systems. Only if we suspect a risk to the safety of our IT systems will individual emails be checked by staff with the appropriate responsibility.
If required, we also process the personal data you send to us in emails for the duration of the initial business contact and beyond in accordance with the legal retention and documentation obligations.
(3) Right of access, right to rectification or erasure, right to restriction of processing, right to object, right to data portability
You have the following rights with regard to your personal data:
• Right of access
• Right to rectification or erasure
• Right to restriction of processing
• Right to object to processing
• Right to data portability
In accordance with Art. 6(1)(a) or Art. 9(2)(a) of the GDPR, you have the right to withdraw your consent at any time without affecting the lawfulness of the processing carried out on the basis of your consent prior to withdrawal.
If this is not what you want, you can configure your browser so that it tells you when cookies are to be stored, allowing you to only enable this in individual cases.
Disabling cookies may restrict the functionality of our website.
(6) SSL encryption
For security reasons, and to ensure confidential information (such as the queries you send to us as a website user) is transmitted securely, this website uses SSL encryption. You can identify an encrypted connection from your browser’s address bar, where “http://” will change to “https://” and the lock symbol will appear. When SSL encryption is enabled, the data you send to us cannot be read by third parties.
(7) Web analytics with Google Analytics
This website uses functionality provided by the Google Analytics web analysis service. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
We have enabled the IP anonymisation feature on this website. This means Google shortens your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area before sending it to the USA. Only in exceptional circumstances will the full IP address be sent to a Google server in the USA and shortened there. Google will use these data on behalf of the operator of this website in order to analyse your use of the website, to produce reports on website activity and to provide the website operator with other services related to use of the website and the internet. The IP address sent from your browser through the use of Google Analytics will not be combined with other data held by Google.
You can prevent cookies from being stored on your device by changing the corresponding setting in your browser software; however, please note that if you do so, you may not be able to use the full functionality of this website. You can also prevent Google from collecting and processing the data generated by the cookie and relating to your use of the website (including your IP address) by downloading and installing the browser plugin from https://tools.google.com/dlpage/gaoptout?.
Google Analytics Demographics
This website uses the Google Analytics “Demographics” feature, which allows reports to be produced containing information about the age, gender and interests of visitors to this website. These data come from targeted Google advertising and from visitor data provided by third parties, and they cannot be associated with any individual person. You can disable this feature at any time via the display settings in your Google account, or you can prevent all collection of your data by Google Analytics as described in the section on “Objecting to data collection”.
(8) Google reCAPTCHA
We use Google reCAPTCHA (hereafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The aim of reCAPTCHA is to check whether data entered on this website (e.g. in a contact form) are being entered by a human being or by an automated program. To do so, reCAPTCHA uses various criteria to analyse the behaviour of website users. This analysis begins automatically as soon as each website user accesses the website. To conduct the analysis, reCAPTCHA evaluates various data (such as IP address, time spent by the user on the website and mouse movements made by the user). The data collected during this analysis are sent to Google.
The reCAPTCHA analyses always run in the background, and website users are not informed that an analysis is taking place.
Data are processed on the basis of Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting their website from fraudulent automated espionage and from spam.
For more information about Google reCAPTCHA, see the Google privacy policies and the Google terms of service, which can be found via the following links:
(9) Google Fonts
To display text, this website uses Google Fonts, which are provided by Google (https://fonts.google.com).
When you visit our website, your browser loads the required font to your browser cache. This is required in order for your browser to enable a visually enhanced display of our texts. If your browser does not support this feature, your computer will use a standard font to display our texts.
For more information about Google Fonts, see https://developers.google.com/fonts/faq?.
(10) Other information
We have implemented technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our staff, and all third parties involved in data processing, are required to comply with the GDPR and to treat personal data confidentially.
When personal data are collected and processed, they are transmitted in an encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in accordance with technological developments.
Changes to our privacy policies
We reserve the right to change our security and privacy policies if this becomes necessary as a result of technological developments. In these cases, we will also update the information we provide regarding data privacy. For this reason, please ensure you read the currently applicable version of our data privacy information.
This data protection information does not apply to external links provided on our website. When we provide links, we make every effort to ensure that these links also comply with our privacy and security standards. However, we have no influence on whether or not other providers comply with these privacy and security policies. We therefore ask you to read the privacy information provided on the websites of these external providers.