Privacy Policy

We, the farm Tiefhof, appreciate your visit to our website and the interest you have shown.

We attach great importance to the protection and security of your personal data. It is therefore important to us to inform you below about what personal data we process from you and for what purpose, and what rights you have in relation to your personal data.

General information

What is personal data and what does processing mean?

‘Personal data’ (hereinafter also referred to as “data”) is any information that reveals something about a natural person. Personal data is not only information that allows direct conclusions to be drawn about a specific person (such as a person's name or e-mail address), but also information that can be used to establish a reference to a specific person with the appropriate additional knowledge.
‘Processing’ means any action that is carried out with your personal data (such as the collection, recording, organisation, structuring, storage, use or deletion of data).

Who is responsible for processing your data?

The person responsible for processing your data is:

Daniel Maas

Tief 170

6543 Nauders

Austria

Telephone: +43

E-mail: tiefhof@aon.at

What rights do you have as a data subject?

As a data subject, you have the right, within the legally prescribed framework, to the following:

Information about your data;
Correction of incorrect data and completion of incomplete data;
erasure of your data, in particular if (1) it is no longer necessary for the purposes stated in this privacy policy, (2) you withdraw your consent and there is no other legal basis for processing, (3) your data has been processed unlawfully or (4) you have objected to processing and there are no overriding legitimate grounds for processing;
Restriction of the processing of your data, in particular if the accuracy of the data is disputed by you or the processing of your data is unlawful and you request the restriction of use instead of deletion;
Objection to the processing of your data for the protection of legitimate interests on grounds relating to your particular situation or, without specific justification, to the processing of your data for the purpose of direct marketing; if it is not an objection to direct marketing, we ask you to explain the reasons why we should not process your data as we have done. If your objection is justified, we will review the situation and cease processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims;
Receipt of your data in a structured, commonly used and machine-readable format and the right to have your data transmitted directly from us to another controller
Withdrawal of consent if you have given us your consent to process your data. Please note that the lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected by your revocation.
If you assert the above-mentioned rights, we ask for your understanding that we may require you to provide proof that you are the person you claim to be.
In addition, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates the GDPR.

Links to other websites

Our website may contain links to and from websites of other providers not affiliated with us (‘third parties’). After clicking on the link, we no longer have any influence on the processing of any data transmitted to the third party by clicking on the link (such as the IP address or the URL on which the link is located), as the behaviour of third parties is naturally beyond our control. We can therefore accept no responsibility for the processing of such data by third parties.

Data processing

Log files when accessing and using the website

Each time you access and use our website, the web browser used on your end device (computer, smartphone or similar) automatically sends information to our web servers, which we store in log files.

What data do we process and for what purposes?

We process the following data:

Your (external) IP address
Date and time of the call
Domain name of your internet access provider
The browser type and version you are using and the operating system you are using
URL (Internet address) of the website you were on at the time you accessed the website
If applicable, the files you accessed via the respective website (type of access, name of the accessed file, URL of the accessed file, success of the access)
The amount of data transferred to you when you visit the respective website
If applicable, date and time of sending when using web forms

We only process this data for the purpose of ensuring stability and network and information security.

Processing for other purposes is only considered if the necessary legal requirements in accordance with Art. 6 para. 4 GDPR are met. In this case, we will of course comply with any information obligations pursuant to Art. 13 para. 3 GDPR and Art. 14 para. 4 GDPR.

On what legal basis do we process your data?

Your data is processed to protect legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.

Our legitimate interests are the improvement and maintenance of the stability and functionality and the security of our website.

You have the right to object to processing on the basis of Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation.

Online bookings

Booking system

On our website, we offer you the opportunity to make travel bookings online. To optimise the booking process, we use the booking system ‘Kognitiv’ (formerly known as ‘Seekda’) from Seekda GmbH, Neubaugasse 10/15, 1070 Vienna, Austria, which processes your data listed below on our behalf in accordance with our instructions and for specific purposes (order processing in accordance with Art. 28 GDPR). In addition, we use necessary cookies as part of the use of the booking system, for which you can find further information below in the section ‘Use of cookies and other technologies’.

What data do we process and for what purposes?

We process the following data:

Salutation
First name, surname
Company, if applicable
Telephone number
E-mail address
Postal address
Desired travel dates (arrival and departure date)
Number of travellers
Any data you have provided in the comments field
If applicable, data on the accompanying person (first name, surname)

We only process this data for the purpose of processing, realising and handling your travel booking.

Processing for other purposes will only be considered if the necessary legal requirements in accordance with Art. 6 para. 4 GDPR are met. In this case, we will of course comply with any information obligations pursuant to Art. 13 para. 3 GDPR and Art. 14 para. 4 GDPR.

On what legal basis do we process your data?

Your data is processed as part of the booking process for the fulfilment of a contract or for the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR.

If we also process your data for advertising purposes, this is done to protect legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.

Our legitimate interests, if any, are customer care and loyalty as well as the improvement of our services.

You have the right to object to the processing of your data for advertising purposes at any time. The objection does not affect the lawfulness of the processing carried out prior to the objection. You can exercise your right to object at any time by unsubscribing from the newsletter by sending an email to tiefhof@aon.at or by clicking on the unsubscribe link at the end of each newsletter.

Travel insurance

As part of the booking process, we offer you the option of taking out cancellation and accident insurance for a hotel stay (‘Hotel Cancellation Plus’) from Europäische Reiseversicherung AG, Kratochwjlestraße 4, 1220 Vienna, Austria (hereinafter ‘ERV’) at the same time as you book your trip. If you take advantage of this option, we will transfer the data you provide during the booking process to ERV. ERV is responsible for the further processing of your data. For details on the further processing of your data, please refer to the overall information (PDF) provided by ERV, in particular the ‘Information on cancellation rights, complaint options and data use’ contained therein.

What data do we process and for what purposes?

We process the following data:

Salutation
First name, surname
Company, if applicable
Date of birth, if applicable
E-mail address
Postal address
Telephone number
If applicable, first name and surname of third parties as insured person(s)

We only process this data for the purpose of providing benefits (transfer of your data to ERV).
Processing for other purposes will only be considered if the necessary legal requirements pursuant to Art. 6 (4) GDPR are met. In this case, we will of course comply with any information obligations pursuant to Art. 13 para. 3 GDPR and Art. 14 para. 4 GDPR.

Translated with DeepL.com (free version)

On what legal basis do we process your data?

Your data is processed to fulfill a contract or to carry out pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR.

Use of web forms

Contact forms

On our website, we offer you the opportunity to send us messages or inquiries via web forms. If you use this option, we will process your data in order to process your message or inquiry and contact you.

What data do we process and for what purposes?

We may process the following data:

Salutation
title
First name, surname
e-mail address
telephone number
Postal address
Company name
Content data (your message/inquiry/comments/remarks/wishes)
Event data (for meeting/event requests)
Preferred and alternative date and time (for appointments)
Gender and, if known, name of the desired therapist (for appointments)

We only process this data for the purpose of responding to and further processing your message or inquiry.

Processing for other purposes will only be considered if the necessary legal requirements pursuant to Art. 6 (4) GDPR are met. In this case, we will of course comply with any information obligations pursuant to Art. 13 para. 3 GDPR and Art. 14 para. 4 GDPR.

On what legal basis do we process your data?

Your data is processed to fulfill a contract or to carry out pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR or to safeguard legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.

Our legitimate interest is the proper response to and processing of your message or request.

You have the right to object to processing on the basis of Art. 6 para. 1 lit. f GDPR at any time for reasons arising from your particular situation.

Use of cookies and other technologies

A. General information

We use cookies and other technologies as part of the provision of our website. With the following cookie information, we provide you as a user of our website with additional information on data processing when using cookies and other technologies.

I. What are cookies and other technologies?

Cookies are small text files that a web server can store and read on your end device (computer, smartphone or similar) using the web browser you are using. Cookies contain individual alphanumeric character strings that enable the web browser you are using to be identified and may also contain information on user-oriented settings.

In addition to cookies, we use the following other technologies:

With the so-called local storage technology, data is only stored locally, i.e. exclusively on your end device and not on the web server, in the so-called local storage of your web browser. Unlike cookies, the data stored using local storage technology does not have an expiry date and is not automatically deleted, but you can delete this data yourself via your web browser. Please refer to your web browser manufacturer's instructions to find out how to delete the data stored using local storage technology.

In addition, we have integrated so-called tracking pixels (also: “pixels”, “pixel tags” or “web beacons”) on our website. Tracking pixels are small, usually invisible image files that are automatically loaded by a web server and can provide information about your web browser or end device and your use of our website. This information can in turn be used to create a profile that can be recognized when you visit our website again.

The aforementioned cookies and other technologies are hereinafter collectively referred to as “cookies”.

II. What types of cookies and other technologies are there?

We differentiate between required and optional cookies:

Required cookies are those that are technically necessary for the functionality and to ensure the security and stability of our website and information technology systems. We also assign cookies to this category that store certain settings you have made, options you have selected or information you have entered until you close your web browser at the latest in order to provide the function you have requested (e.g. login status, language setting, etc.). Your consent is not required for the storage or reading of necessary cookies. Therefore, you cannot manage required cookies via the settings of the consent management service we use, but only via your web browser and delete cookies stored there or block the storage of cookies.
Optional cookies are cookies that are not required for the functionality and to ensure the security and stability of our website and information technology systems, but are used for analysis or marketing purposes. These cookies can, for example, collect information about how you use our website to create anonymous statistics, which enables us to analyze usage and thus optimize our website. In addition, we also assign cookies to this category that store certain settings you have made, options you have selected or information you have entered beyond the closing of your web browser in order to provide the function you have requested for a longer period of time (e.g. login status via the selection “Remember my e-mail address”, notepad, comparison list, etc.). Your prior consent is generally required for the storage or reading of optional cookies. You can consent to the use of optional cookies via the settings of the consent management service we use and revoke your consent at any time with effect for the future.

Both required and optional cookies can be so-called session cookies or persistent cookies, which differ in terms of their intended lifespan or functional duration:

Session cookies are stored on your end device and are automatically deleted when you close your web browser.
Persistent cookies are stored on your end device and are not automatically deleted when you close your web browser, but remain on your end device for a predefined period of time.
The data stored using local storage technology does not have an expiry date, i.e. it has an unlimited functional life.

Note: You can delete cookies and the data stored using local storage technology yourself via your web browser. For details, please refer to the instructions of your web browser manufacturer.

B. Use of cookies on our website

I. Required cookies

1. which necessary cookies are used for what purpose and for how long?

Consent management

Open settings

We have implemented a consent management service so that you can manage the use of optional cookies on our website. When you access our website for the first time, the consent management service displays an upstream query (“Cookies, other technologies and other services”), which you can use to accept or reject the use of optional cookies by clicking on the corresponding button. In addition, clicking on “Settings” will take you to the settings of the consent management service, where you will find, among other things, a simplified list of cookies organized by type. With the consent management service, you can find out about the purposes of the cookies we use, the data processed in each case and any data recipients and, in the case of optional cookies, give or revoke your consent at any time by selecting or deselecting the relevant box.

Please note that required cookies are already stored when you access our website and the relevant box is pre-selected. It is not possible to deselect required cookies via the consent management service. In turn, the use of certain cookies is necessary for the functionality of the consent management service itself.

Information of the service provider:

Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany

Usercentrics website:

https://usercentrics.com/de/

General Terms and Conditions for the use of Usercentrics software:

https://usercentrics.com/de/agb/

Usercentrics privacy policy:

https://usercentrics.com/de/datenschutzerklarung/

Booking system

When using the booking system (see above under “Booking system” in the “Online bookings” tab), we use various session cookies to ensure that the booking screen is displayed correctly, to temporarily save the shopping cart and to check the credit card.

Information from the service provider:

Seekda GmbH, Neubaugasse 10/15, 1070 Vienna, Austria

Cognitive website:

https://www.kognitiv.com/

2. On what legal basis are required cookies used?

In order to be able to prove that or whether you have consented to the use of optional cookies that require consent, we store the information about your given or not given consent to fulfill our legal obligation to provide evidence in accordance with Art. 6 para. 1 lit. c, para. 3 lit. a GDPR in conjunction with Art. 7 para. 1 GDPR.

In addition, we use necessary cookies to safeguard legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.

Our legitimate interests pursued are

Assertion, exercise and defense of legal claims
Providing and ensuring the proper functioning of our website

3. How can I object to the use of necessary cookies?

You can exercise your right to object by using the blocking options described below under “Deleting/blocking cookies” (see Art. 21 (5) GDPR), i.e. blocking necessary cookies via your web browser settings.

Please note that if you delete cookies without blocking them, necessary cookies will be set again when you visit our website again at a later time. Please also note that deactivating, deleting or blocking necessary cookies may affect the performance and functionality of our website and may mean that certain functions and features are not available.

II. Optional Cookies

With the following information, we would like to put you in a position to make an informed decision for or against the use of optional cookies and the associated data processing.

1. which optional cookies are used for what purpose and for how long?

Web analysis

Subject to your consent, we use web analysis cookies in order to analyze the use of our website and thus continuously improve it. We can use the anonymized user statistics obtained (e.g. number and origin of website visitors) to optimize our website and make it more interesting, for example by placing frequently accessed information or topics on our website in line with requirements.

With this in mind, we use the services listed below:

Google Analytics

For web analytics, we use “Google Analytics”, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively referred to as “Google”), with the extension of “IP anonymization” (also known as the “IP mask method”). For this purpose, we have concluded an order processing contract with Google in accordance with Art. 28 GDPR. Accordingly, Google will process the data collected (data on your terminal equipment or web browser, IP addresses and your website or app activities) for a specific purpose on our behalf in order to evaluate your use of our website for us, to compile reports on website activity and to provide us with other services relating to the use of our website and internet usage.

The data collected by Google Analytics may be stored and processed by Google or sub-processors of Google outside the EU or the EEA and thus in a third country, in particular in the USA. However, the IP mask method we use ensures that the IP address is truncated within EU member states or in other EEA contracting states before being transmitted to a Google server in the USA and stored there, so that no full IP address is transmitted and the identifiability of a person is prevented or made considerably more difficult. Only in exceptional cases is the full, i.e. unabridged IP address transmitted to a Google server in the USA and only truncated there.

For a data transfer to a third country, additional conditions must be met in accordance with the GDPR to ensure that the level of data protection guaranteed in the EU is not undermined. In this case, data is transferred to the USA on the basis of the European Commission's adequacy decision of 10 July 2023. According to this adequacy decision, the USA guarantees an adequate level of protection within the meaning of Art. 45 GDPR for personal data transferred from the EU to organizations in the USA that are certified under the “EU-U.S. Data Privacy Framework” (hereinafter “DPF”) and listed in the “Data Privacy Framework List” (https://www.dataprivacyframework.gov/s/participant-search) maintained and made publicly available by the U.S. Department of Commerce.

Google LLC is certified according to the DPF and listed in the “Data Privacy Framework List”.

Information from the service provider:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Order data processing conditions for Google advertising products:

https://privacy.google.com/businesses/processorterms/

https://marketingplatform.google.com/about/analytics/terms/de/

Overview of data usage in Google Analytics:

https://support.google.com/analytics/answer/6004245?hl=de

https://policies.google.com/privacy?hl=de

Technical explanation of “IP anonymization (or IP masking) in Google Analytics”:

https://support.google.com/analytics/answer/2763052?hl=de

Additional information:

If you would like to deactivate Google Analytics across all websites, you can download and install the “Browser add-on to deactivate Google Analytics” at https://tools.google.com/dlpage/gaoptout?hl=de. This option only prevents web analysis as long as you use a web browser on which you have installed the add-on.

Marketing cookies

Subject to your consent, we use marketing cookies. Marketing cookies can recognize whether you have accessed an advertised website and which content you have used and are using in order to display advertising content that is relevant to you and tailored to your interests, to limit the frequency with which advertisements appear and to measure the success or effectiveness of advertising measures.

Against this background, we use the services listed below:

Google advertising products

For marketing purposes, we use the following advertising products of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively referred to as “Google”).

We use the advertising product “Google Ads” (formerly known as “AdWords”), through which we can place advertisements, including in Google search results, in the Google partner network or on other Google platforms. If you interact with an advertisement placed via Google Ads, e.g. click on an advertisement, a cookie is used as part of “Google Ads Conversion Tracking”, which can be used to track whether you have subsequently carried out an action (“conversion”) defined by us, such as a booking. The information obtained with the help of the cookie used is provided to us by Google in the form of so-called conversion statistics, from which we can, for example, read the anonymous total number of users who have clicked on our advertisement. We ourselves do not receive any information that allows personal identification.

In addition to Google Ads Conversion Tracking, we use “Google Ads Remarketing”, which allows our advertisements to be displayed to you in the Google partner network after you have visited our website during your subsequent Internet use. For this purpose, Google records your usage behaviour when you visit various websites in the Google partner network, whereby, according to Google, pseudonymization is used.

As a further advertising product, we use the “Google Ad Manager” (formerly known as “DoubleClick”) to present you with targeted advertisements based on your presumed interests. A pseudonymous identification number is assigned to the web browser you are using in order to check which ads have already been displayed in your web browser and which of these you have also accessed.

The data collected in the context of Google advertising products may be stored and processed by Google, including for its own purposes, outside the EU or the EEA and thus in a third country, in particular in the USA. We have no influence on further data processing by Google.

Google LLC is certified in accordance with the DPF and is included in the Data Privacy Framework List.

Information of the service provider:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Website:

https://marketingplatform.google.com/about/

https://policies.google.com/privacy

2. On what legal basis are optional cookies used?

We use optional cookies on the basis of consent in accordance with Art. 6 para. 1 lit. a in conjunction with Art. 7 GDPR.

3. how can I revoke my consent to the use of optional cookies?

When you access our website (for the first time), we ask you for your consent to the use of optional cookies by means of an upstream query (“Cookies, other technologies and other services”). You can revoke your consent at any time with effect for the future and thus prevent the further collection of your data by deselecting optional cookies (web analysis, marketing) in the settings of the consent management service.

If and insofar as you do not give your consent or revoke your consent, the (further) collection of data by means of optional cookies requiring consent and the associated data processing will cease. This has no disadvantages for the use of the website unless you also deactivate the cookie functions for required cookies.

The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

As an alternative to withdrawing your consent, you have the options described below under “Deleting/blocking cookies” for deleting or blocking cookies with the information provided there.

C. Deleting/blocking cookies

Cookies are stored on your end device, so you have control over cookies. If you do not want us to recognize your end device, you can deactivate or delete cookies already stored on your end device at any time - manually or automatically - and/or block the storage of cookies for the future by making the appropriate setting in your web browser software, e.g. “do not accept cookies” or similar. Most web browsers can also be configured so that the storage of cookies is only accepted if you agree to this separately in individual cases. If you do not wish to accept cookies from our service providers and partners, you should find the setting “Block third-party cookies” or similar in your web browser. As a rule, the help function in the menu bar of your web browser will show you how to deactivate or delete cookies that have already been saved and how to reject new cookies. For details of the options described, please refer to the instructions of your web browser manufacturer.

Please note that if you delete cookies without blocking them, the required cookies will be reinstated and we may ask you for your consent again for optional cookies when you visit our website again at a later date. Please also note that disabling, deleting or blocking required cookies may affect the performance and functionality of our website and may mean that certain functions and features are not available.

You can manage the settings for the use of optional cookies and the associated data processing at any time in the settings of the consent management service.

Integration of third-party services

As part of the provision of our website, we integrate various content and functional elements (hereinafter also referred to collectively as ‘services’) that are obtained from the web servers of their respective providers (hereinafter referred to as ‘third-party providers’). For the proper presentation and provision of the services, it is always necessary for your IP address to be transmitted to the respective third-party provider. Although we endeavour to only integrate services where the respective third-party provider only uses the IP address to deliver the services, we have no influence on further processing by third-party providers.

When you access our website for the first time, we will ask you for your consent to the transfer of data to third-party providers in connection with the use of other services by means of an upstream query (‘Cookies, other technologies and other services’). If you do not already give your consent with this upstream query, third-party services requiring consent will be blocked on our website and no data will be transferred to third-party providers. Instead, you can give your consent separately for individual third-party services by clicking on ‘Accept’ in the respective blocker. If you no longer wish to consent to each third-party service individually in future and would like to be able to load them without the respective blocker, you have the option of additionally selecting ‘Always accept’ or similar and thus also consenting to the associated data transfers for all other relevant third-party services that you will access on our website in future.

You can revoke your consent at any time with effect for the future and thus prevent the further transmission of your data by deselecting the corresponding service under ‘Other services (optional)’ in the settings of the consent management service.

Against this background, we use the services listed below:

YouTube videos

We embed videos from ‘YouTube’ on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively referred to as ‘Google’). The ‘extended data protection mode’ is activated for the integrated YouTube videos so that no cookies are used to analyse user behaviour.

Subject to your consent, we transmit your data, including your IP address, to Google when you load a YouTube video. The data transmitted in this context may be stored and processed by Google, including for its own purposes, outside the EU or the EEA and thus in a third country, in particular in the USA. We have no influence on further data processing by Google.

For a data transfer to a third country, additional conditions must be met in accordance with the GDPR to ensure that the level of data protection guaranteed in the EU is not undermined. In this case, data is transferred to the USA on the basis of the European Commission's adequacy decision of 10 July 2023. According to this adequacy decision, the USA guarantees an adequate level of protection within the meaning of Art. 45 GDPR for personal data transferred from the EU to organisations in the USA that are certified under the ‘EU-U.S. Data Privacy Framework’ (hereinafter ‘DPF’) and listed in the ‘Data Privacy Framework List’ (https://www.dataprivacyframework.gov/s/participant-search) maintained and made publicly available by the U.S. Department of Commerce.

Google LLC is certified according to the DPF and listed in the ‘Data Privacy Framework List’.

Information from the third-party provider:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google Tag Manager

We use the ‘Google Tag Manager’ on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively referred to as ‘Google’).

Google Tag Manager is a service with which we can use other services, such as Google Analytics, on our website or manage their use without having to change the source code of the website. The Google Tag Manager itself does not collect any personal data and does not access such data, but merely ensures the control and execution of the services managed via it, which in turn process data under certain circumstances and, if necessary, with your corresponding consent.

Information from the third-party provider:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; Mutterunternehmen: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

https://policies.google.com/privacy

Data recipients

We may transfer your data to:

The providers of the functions you actively use and any other services or services;

Our service providers that we use to fulfil the above purposes;

Courts, arbitration tribunals, authorities or legal advisors if this is necessary for compliance with applicable law or for the assertion, exercise or defence of legal claims.

Data transfers to third countries

Data may only be transferred to bodies in countries outside the European Union or the European Economic Area (so-called third countries) or to international organisations (1) if you have given us your consent or (2) if the European Commission has decided that an adequate level of protection exists in a third country (Art. 45 GDPR). If the Commission has not made such a decision, we may only transfer your data to recipients located in a third country if suitable guarantees are in place (e.g. standard data protection clauses adopted by the Commission or the supervisory authority in accordance with a specific procedure) and the enforcement of your data subject rights is ensured or the transfer is permitted in individual cases on the basis of other authorisations (Art. 49 GDPR).

If we transfer your data to third countries, we will inform you about the respective details of the transfer at the relevant points in this privacy policy.

Data erasure

We process your data as long as this is necessary for the respective purpose, unless you have effectively objected to the processing of your data or have effectively revoked any consent you may have given.

Insofar as statutory retention obligations exist, we will have to store the data concerned for the duration of the retention obligation. After the retention obligation has expired, we will check whether there is any further need for processing. If it is no longer necessary, your data will be deleted.

Data security

We use technical and organisational security measures to ensure that your data is protected against loss, incorrect changes or unauthorised access by third parties. In any case, only authorised persons on our part have access to your data, and only to the extent that this is necessary for the above-mentioned purposes. The transmission of all data is encrypted.