Privacy Policy

Privacy information for the website www.mice-access.com



MICE access GmbH, Südportal 5, 22848 Norderstedt (hereinafter referred to as "MICE" or "we") provides a booking platform for hotels as an interface solution for the MICE sector at the web address www.mice-access.com. Personal data is processed in connection with the booking platform.

Below you will find information about the person responsible for processing your personal data (Section A) and your rights with regard to the processing of your personal data (Section B).

You will also find information below on the processing of your personal data (Section C) and information on the use of cookies (Section D).

  1. Information about the responsible person

Name and contact details of the responsible person

MICE access GmbH

Südportal 5

22848 Norderstedt

info@miceaccess.com

fax: +49 (0) 40 2093221-14





  1. Information on the rights of data subjects

As a data subject, you have the following rights with regard to the processing of your personal data:

  • Right of access (Article 15 of the Basic Data Protection Regulation)

  • Right to rectification (Article 16 of the Basic Data Protection Regulation)

  • Right to cancellation ("right to be forgotten") (Article 17 of the Basic Data Protection Regulation)

  • Right to limitation of processing (Article 18 of the Basic Data Protection Regulation)

  • Right to data transferability (Article 20 of the basic data protection Regulation)

  • Right of appeal (Article 21 of the basic data protection Regulation)

  • Right to withdraw consent (Article 7(3) of the basic data protection Regulation)

  • Right to complain to the supervisory authority (Article 77 of the basic Regulation on data protection)

To exercise your rights, you can contact us at the contact information listed in Section A.
Information on any specific modalities and mechanisms that may facilitate the exercise of your rights, in particular the exercise of your rights to data transfer and opposition, may be found in the information on the processing of personal data in Section C of this Privacy Policy.
Below you will find more detailed information on your rights with regard to the processing of your personal data:

    1. Right of access

As a data subject, you have a right of access under the conditions laid down in Article 15 of the basic Regulation on data protection.

This means in particular that you have the right to ask us to confirm whether we are processing personal data concerning you. If this is the case, you also have a right of access to this personal data and to the information referred to in Article 15(1) of the Basic Data Protection Regulation. This includes, for example, information about the purposes of processing, the categories of personal data being processed and the recipients or categories of recipients to whom the personal data have been or will be disclosed (Article 15(1)(a), (b) and (c) of the Basic Data Protection Regulation).

The full scope of your right of access is set out in Article 15 of the Basic Data Protection Regulation, which can be found at http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right to rectification

As a data subject, you have a right of rectification under the conditions of Article 16 of the basic Regulation on data protection.

In particular, this means that you have the right to ask us immediately to correct any incorrect personal data concerning you and to complete any incomplete personal data.

The full scope of your right to rectification can be found in Article 16 of the Basic Data Protection Regulation, which can be accessed via the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right to cancellation ("right to be forgotten")

As a data subject, you have a right to cancellation ("right to be forgotten") under the conditions of Article 17 of the Basic Data Protection Regulation.

This means that, in principle, you have the right to ask us to delete personal data concerning you immediately and we are obliged to delete personal data immediately if one of the reasons listed in Article 17(1) of the Basic Data Protection Regulation applies. This may be the case, for example, when personal data are no longer necessary for the purposes for which they were collected or otherwise processed (Article 17(1)(a) of the Basic Data Protection Regulation).

Where we have made the personal data public and we are required to delete it, we are also required to take reasonable measures, including technical measures, to inform other data controllers processing the personal data that a data subject has requested them to delete all links to or copies or replications of that personal data, taking into account available technology and implementation costs (Article 17(2) of the Basic Data Protection Regulation).

The right of deletion ("right to be forgotten") shall exceptionally not apply in so far as the processing is necessary for the reasons listed in Article 17(3) of the Basic Data Protection Regulation. This may be the case, for example, where the processing is necessary to fulfil a legal obligation or to establish, exercise or defend a legal claim (Article 17(3)(a) and (e) of the basic Regulation).

The full scope of your right to cancellation can be found in Article 17 of the Basic Data Protection Regulation, which can be found at the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right to limitation of processing

As a data subject, you have a right to limit the processing under the conditions laid down in Article 18 of the Basic Regulation on Data Protection.

This means that you have the right to ask us to restrict the processing if one of the conditions set out in Article 18(1) of the Basic Data Protection Regulation is met. This may be the case, for example, if you dispute the accuracy of the personal data. In this case, the processing is restricted for a period of time which enables us to verify the accuracy of the personal data (Article 18(1)(a) of the Basic Data Protection Regulation).

Restriction means marking stored personal data with an aim to limiting their future processing (Article 4(3) of the basic data protection Regulation).

The full scope of your right to limitation of processing can be found in Article 18 of the Basic Data Protection Regulation, which can be found at the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right to data transferability

As a data subject, you have a right to data transferability under the conditions of Article 20 of the Basic Regulation on Data Protection.

This means that, in principle, you have the right to receive the personal data concerning you which you have provided to us in a structured, common and machine-readable format, and you have the right to transfer such data to another controller without any hindrance from us, provided that the processing is based on a consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the Basic Data Protection Regulation or on a contract pursuant to Article 6(1)(b) of the Basic Data Protection Regulation and the processing is carried out by automated means (Article 20(1) of the Basic Data Protection Regulation).

Information on whether a processing operation is based on a consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the basic Data Protection Regulation or on a contract pursuant to Article 6(1)(b) of the basic Data Protection Regulation can be found in the information on the legal basis of the processing operation in Section C of this Data Protection Information.

In exercising your right to data transferability, you also have, in principle, the right to obtain that the personal data be transferred directly by us to another controller, as far as this is technically feasible (Article 20(2) of the Basic Data Protection Regulation).

The full scope of your right to limitation of processing can be found in Article 20 of the Basic Data Protection Regulation, which can be accessed via the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right of opposition

As a data subject, you have a right of opposition under the conditions of Article 21 of the basic Regulation on data protection.

We will expressly inform you of your right to object at the latest at the time of the first communication with you.

You will find more detailed information on this below:

      1. Right to object on grounds arising from the particular situation of the data subject

As a data subject, you have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you carried out pursuant to Article 6(1)(e) or (f) of the basic Regulation, including profiling based on these provisions.

Information as to whether processing is carried out on the basis of Article 6(1)(e) or (f) of the Basic Data Protection Regulation can be found in the information as to the legal basis of the processing in Section C of this Data Protection Information.

In the event of an objection for reasons arising from your particular situation, we will no longer process the personal data concerned, unless we can prove compelling legitimate reasons for the processing outweighing your interests, rights and freedoms, or the processing is for the purpose of asserting, exercising or defending legal claims.

The full scope of your right to object can be found in Article 21 of the Basic Data Protection Regulation, which can be accessed via the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.

      1. Right of appeal against direct advertising

If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling in so far as it is connected with such direct marketing.

Information on whether and to what extent personal data are processed for the purpose of direct marketing can be found in the information on the purposes of processing in Section C of this Privacy Policy.

In the event of an objection to processing for direct marketing purposes, we will no longer process the personal data concerned for such purposes.

The full scope of your right to object can be found in Article 21 of the Basic Data Protection Regulation, which can be accessed via the following link: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679.

    1. Right to revoke consents

If the processing is based on a consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the Basic Data Protection Regulation, you as data subject have the right to withdraw your consent at any time pursuant to Article 7(3) of the Basic Data Protection Regulation. The withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revoked. We will inform you of this before giving your consent.

Information as to whether a processing operation is based on a consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the Basic Data Protection Regulation can be found in the information on the legal basis of the processing operation in Section C of this Data Protection Information.

    1. Right of appeal to the supervisory authority

As a data subject, you have the right to lodge a complaint with the competent supervisory authority under the conditions laid down in Article 77 of the Basic Regulation on Data Protection.


The supervisory authority responsible for us is:


Independent State Centre for Data Protection Schleswig-Holstein

Holstenstraße 98

24103 Kiel

mail@datenschutzzentrum.de

0431/988-1200




  1. Information on the processing of personal data

In connection with the booking platform, various personal data are processed for various purposes.

Insofar as we as the so-called responsible party decide alone or jointly with others on the purposes and means of processing personal data, you will in the following receive information in particular about

  • the personal data or categories of personal data being processed,

  • the purposes for which the personal data will be processed,

  • the legal basis for the processing and, where the processing is based on Article 6(1)(f) of the Basic Regulation on Data Protection, the legitimate interests pursued by us or by a third party,

  • where appropriate, the recipients or categories of recipients of the personal data,

  • where appropriate, our intention to transfer the personal data to a third country or an international organisation and the existence or absence of a Commission adequacy decision or, in the case of transfers pursuant to Article 46 or Article 47 of the Basic Data Protection Regulation or Article 49(1) second subparagraph of the Basic Data Protection Regulation, a reference to the reasonable or appropriate safeguards and the possibility of obtaining a copy of them or where they are available,

  • the duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration,

  • the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the basic Regulation on data protection and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing for you.

If we collect your personal data from you as the data subject, the following will also inform you whether the provision of the personal data is required by law or contract or is necessary for the conclusion of a contract, whether you are obliged to provide the personal data, and what the possible consequences of not providing it would be. If we do not collect personal data from you as the data subject, you will also be informed below about the source of the personal data and, if applicable, whether it originates from publicly accessible sources.



    1. Informational use of the website

When using the website for purely informational purposes, the browser used on your terminal device sends certain information to the server of our website for technical reasons, such as your IP address. We process this information to provide the content of the website that you have accessed. In order to guarantee the security of the IT infrastructure used to provide the website, this information is also temporarily stored in a so-called web server log file.

In order to enable you to use the website for information purposes, we use cookies (→ Section D of this data protection information) on the website, which are used to process personal data.

You will find more detailed information on this in the following:

      1. Details of the personal data processed

Categories of personal data processed

Personal data included in the categories

Data sources

Obligation to provide data

storage period

Protocol data that is technically generated when the website is accessed via the Hypertext Transfer Protocol (Secure) (HTTP(S)) ("HTTP data").

IP address, type and version of your Internet browser, operating system used, the page accessed, date and time of access.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, we cannot provide the content accessed on the website.



Data is stored in server log files in a form that enables identification of the persons concerned for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack).

Event occurs (e.g. a DDoS attack).

In the event of a security-relevant event, server log files are stored until the security-relevant event is eliminated and fully resolved.

Data stored in cookies that are strictly necessary (→ Section D) for the administration of cookie consents for this website on the user's terminal ("opt-in cookie data")

Consent and, if applicable, your individual selection for the use of cookies on your end device.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

In the event that data is not provided, we cannot take into account cookie consents on this website.


We do not store this data on our systems.

For the period of validity of the cookie see section D.III.



      1. Details on the processing of personal data

Purpose of the processing of personal data

Purpose of the processing of personal data

Automated decision making

Legal basis and, where appropriate, legitimate interests

Receivers

HTTP data is temporarily processed on our web server in order to provide the contents of the website called up by the user.

HTTP-Data

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the provision of the content of the website accessed by the user.

Hosting-Provider.

In order to guarantee the security of the IT infrastructure used for the provision of the website, in particular for the detection, elimination and conclusive documentation of faults (e.g. DDoS attacks), HTTP data is temporarily processed in web server log files.

HTTP-Data

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is to guarantee the security of the IT infrastructure used for the provision of the website, in particular for the detection, elimination and conclusive documentation of faults (e.g. DDoS attacks).

Hosting-Provider

In order to provide the administration of cookie consents for this website, data from absolutely necessary cookies (→ Section D) is temporarily processed on our web server in order to determine whether you have already given your consent when the website is called up again.

Opt-In-Cookie-Data

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the administration of the cookie consents given by the user to this website.

Hosting-Provider



      1. Details on the recipients of personal data and the transfer of personal data to third countries and / or to international organisations

Receivers

Role of the recipient

Recipient's seat

adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations


Hosting-Provider

processors

EU (Germany)

-

IT service provider for the technical operation and maintenance of the website

processors

EU (Germany)

-



    1. Use of the booking platform

On our booking platform we offer you the possibility to find hotels in the places you have indicated and to make bookings. We provide the booking platform as an interface solution and cooperate with various providers who present their respective platforms and offers as an integrated part of our booking platform. We process the contact data given in the booking enquiry form as the person responsible and forward the data required for processing the booking to the respective agents. We process your contact information to arrange a hotel booking.

Below you will find more detailed information:

      1. Details of the personal data processed:

Categories of personal data processed

Personal data included in the categories

Data sources

Obligation to provide data

storage period


Log data that is technically generated when hotels search and request information on our website via the Hypertext Transfer Protocol (Secure) (HTTP(S)) ("HTTP data").

IP address, type and version of your Internet browser, operating system used, the page accessed, date and time of access.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, we cannot provide the content accessed on the website.

Data is stored in server log files in a form that enables identification of the persons concerned for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack).

In the event of a security-relevant event, server log files are stored until the security-relevant event is eliminated and fully resolved.

Information you provide to us in the Booking Request Form on the Website ("Booking Request Form Information").

This includes the information you provide to us on the Booking Request Form on the Website. This may include, in particular, the following data: Type of use, company, title, name, address, telephone number and e-mail address.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, we will not be able to process your request.

Data is stored until the deactivation request.

We also store this data for evidence purposes for the purpose of asserting, exercising or defending any legal claims for a transitional period of three years and in the event of any legal disputes until their termination.

In addition, we store this data to the extent that statutory, in particular commercial and tax law, storage obligations exist. Depending on the type of document, commercial and tax retention obligations of six or ten years may exist (§ 147 Abgabenordnung (AO), § 257 Handelsgesetzbuch (HGB)).

Information we receive from the agent processing your request to complete the hotel reservation ("Booking Information").

Information about your booking, i.e. in particular which hotel you have booked, including period, hotel rooms and the booking number.

Responsible agent who processes your booking.

-

Data will be stored until the completion of your booking request.



      1. Details on the processing of personal data

Purpose of the processing of personal data

Categories of personal data processed

Automated decision making

Legal basis and, where appropriate, legitimate interests

receivers

HTTP data is temporarily processed on our web server in order to provide the contents of the website called up by the user for searching and booking hotels.

HTTP-Data

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the provision of the content of the website accessed by the user.

Hosting-Provider.

In order to arrange hotel bookings, we process the data you provide in the booking enquiry form on our website and forward it to the respective booking agency, which will process your enquiry on its own responsibility.

Booking request form data

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the provision of a booking platform and the mediation of hotel bookings.

Hosting provider, responsible booking agency


In order to arrange hotel bookings, we process your booking information and forward your booking request form data to the hotel you have booked so that it can complete your booking.

Booking request form data, booking information

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation).

Our legitimate interest is the provision of a booking platform and the mediation of hotel bookings.

The hotel you booked



      1. Details on the recipients of personal data and the transfer of personal data to third countries and / or to international organisations

receivers

Role of the recipient


Recipient's seat

Adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations

Hosting-Provider

Auftragsverarbeiter

EU (Deutschland)

-

Provider

The responsible booking agency will be shown to you within the scope of your booking.

responsible persons

EU

-

Hotels that you book on our platform via the respective booking agency.

responsible persons

Depending on the concrete selection of the person concerned. The hotel booked by the person concerned may be located within the EU or in a third country.



If the hotel booked by the person concerned is located in a third country, the transfer of the data takes place on the basis of Art. 49 Para. 1 S. 1 b of the Basic Data Protection Regulation (transfer is necessary for the fulfilment of a contract between the person concerned and the responsible person).



    1. Measurement of the web audience and use of web analysis and web tracking technologies

In order to measure the web audience, the visits to our website are recorded using so-called tracking pixels and analysed in anonymous form. Tracking pixels are small graphics on web pages that enable a log file recording and a log file analysis of the calls to the web pages.

If you have given your consent, we also use web analysis technologies to collect and analyze the usage behavior of our website using cookies (→ Section D of this Privacy Policy) to improve the website and to better achieve website goals (e.g., frequency of visits, number of page views).

If you have given your consent, we also use web tracking technologies to collect and analyze usage patterns on our website for (conversion) tracking purposes using cookies (→ Section D of this Privacy Policy).

More detailed information is provided below:

      1. Details of the personal data processed

Categories of personal data processed

Personal data included in the categories

Data sources

Obligation to provide data

storage period

tracking pixels

Log data that is generated when the pixel-code contained in our website is accessed via the Hypertext Transfer Protocol (Secure) (HTTP(S)) ("pixel-code HTTP data").

Tracking pixels are small graphics on Web pages that allow log file recording and log file analysis of Web page views.

IP address, type and version of your Internet browser, operating system used, the page accessed, date and time of access.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.



If the data is not made available, we cannot measure the web audience.

On this website, so-called IP anonymisation is activated for the use of the pixel-code. This means that the IP address transmitted by the browser for technical reasons is anonymised by shortening the IP address (by deleting the last octet of the IP address) before it is stored.

This means that the other log data is not stored in a form that allows identification of the person concerned.

Google Analytics

Log data that is technically generated when using the web analysis tool Google Analytics used on the website via the Hypertext Transfer Protocol (Secure) (HTTP(S)) ("Google Analytics HTTP data").

IP address, type and version of your Internet browser, operating system used, the page accessed, date and time of access.

Users of the website.


Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not made available, we cannot carry out a web analysis.

On this website a so-called IP anonymization is activated for the use of the web analysis tool Google Analytics. This means that the IP address transmitted by the browser for technical reasons is anonymised by shortening the IP address (by deleting the last octet of the IP address) before it is stored.

We store the remaining protocol data as long as they are necessary for the web analysis by Google Analytics.

Data stored in cookies (→ Section D) for the web analysis tool Google Analytics on the user's terminal device ("Google Analytics cookie data").

Unique visitor ID to identify returning visitors, number of visits by the visitor, time of first visit, previous visits and current visit, start and expected end of current visit, visitor category to which a user belongs, source or campaign that explains how a user got to the site.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not made available, we cannot carry out a web analysis.

As long as the data is required for web analytics by Google Analytics.

Data collected by the web analysis tool Google Analytics and stored in pseudonymous user profiles ("Google Analytics profile data").

Data on the use of the website, in particular page views, frequency of views and length of stay on viewed pages.

Generated independently.


As long as the data is required for web analytics by Google Analytics.



      1. Details on the processing of personal data

Purpose of the processing of personal data

Categories of personal data processed

Automated decision making

Legal basis and, where appropriate, legitimate interests

receivers

In order to measure the web audience, the visits to our website are recorded using so-called tracking pixels and analysed in anonymous form.

Counting pixel HTTP data.

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is to measure the web audience.

Hosting-Provider.

In order to improve the website and to better achieve the objectives of the website (e.g. frequency of visits, increase in page views), the behaviour of users on our website is recorded and analysed in pseudonymised form. Users of the website are marked in pseudonymous form in order to recognize them on the website. Pseudonymous user profiles are created from this information. The pseudonymous usage profiles are not combined with data about the bearer of the pseudonym. The aim of the procedure is to investigate where users come from, which areas of the website are visited and how often and for how long which subpages and categories are viewed.

Für diese Zwecke werden Cookies (→ Abschnitt D) des Web-Analyse-Werkzeugs Google Analytics eingesetzt.

Google Analytics HTTP data, Google Analytics cookie data, Google Analytics profile data.

No automated decision making takes place.

Consent (Article 6(1)(a) of the basic data protection Regulation)


Google



      1. Details on the recipients of personal data and the transfer of personal data to third countries and / or to international organisations

Receivers

Role of the recipient

Recipient's seat


Adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations


Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA („Google“)

processors

USA

Google ist unter dem EU-US-Datenschutzschild zertifiziert:

https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Aktiv.

Für das EU-US-Datenschutzschild ist ein Angemessenheitsbeschluss der Kommission vorhanden:

http://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016D1250.



    1. Use of the Facebook pixel

If you have given your consent for this, we use the so-called "Facebook pixel". Cookies from Facebook are used here (→ Section D).

The "Facebook pixel" enables Facebook to collect information about the activities of users of our website. The information collected is used to evaluate the effectiveness of our Facebook ads and to build target groups for our Facebook ads. In addition, Facebook may use the information for its own purposes or for the purposes of third parties, such as creating target groups for other advertisers.

By including "Facebook Pixel," we enable Facebook to collect personal information. The collection and processing of this data is the responsibility of Facebook. Facebook provides us with evaluations or further information based on the collected data only in aggregated, anonymous form. We cannot assign the information provided to us to any natural person. We have no knowledge of the details of the processing of personal data in Facebook's area of responsibility. Information about Facebook's processing of personal data can be found in Facebook's data policy: https://de-de.facebook.com/about/privacy/.

Below you will find more detailed information about the use of "Facebook pixels":

      1. Details of the personal data processed

Categories of personal data processed

Personal data included in the categories

Data sources

Obligation to provide data

storage period

Facebook pixel HTTP data.

Log data that is technically generated when the Facebook pixel used on the website is used via the Hypertext Transfer Protocol (Secure) (HTTP(S)).

This includes the IP address, type and version of your Internet browser, operating system used, as well as the date and time of access.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not made available, the Facebook pixel cannot function.

We do not collect or store this data ourselves.

The collection and processing of this data is the responsibility of Facebook. We have no knowledge of the storage period.

Facebook pixel cookie data.

Data stored in cookies for the Facebook pixel on the user's terminal device.

This includes a unique ID for the (re-)recognition of returning visitors.

(→ Section D.III. for more detailed information on the content of the cookies used.)

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, the function of the Facebook pixel is not possible or only possible to a limited extent.

We do not collect or store this data ourselves.

The collection and processing of this data is the responsibility of Facebook. We have no knowledge of the storage period.

(→ Section D.III. for information on the validity period of the cookies used.)

Facebook pixel event data.

Data that Facebook collects through the Facebook pixel.

This includes actions that take place on the website (so-called "events"). These include, for example, completing a purchase, registering, adding payment information, initiating the order completion process, adding to the shopping cart, adding to wish lists, performing searches, viewing content. Typical installation events of Facebook Pixel; still to be adapted to the concrete configuration and to add any user-defined events].

This also includes information associated with the actions recorded (so-called "parameters"). This includes, for example, the value of purchases made.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, the function of the Facebook pixel is not possible or only possible to a limited extent.

We do not collect or store this data ourselves.

The collection and processing of this data is the responsibility of Facebook. We have no knowledge of the storage period.

Facebook pixel analysis data.

Data that Facebook generates based on the information captured by Facebook pixels.

This includes information about the effectiveness of Facebook ads and user targeting for Facebook ads.

Facebook may generate additional information from the information it collects for its own purposes or for third party purposes. We are not aware of the details of the information generated by Facebook.

Generated independently by Facebook.


Facebook provides us with data only in aggregated, anonymous form. We cannot associate this information with any natural person.

The collection and processing of personal data is the responsibility of Facebook. We have no knowledge of the storage period.



      1. Details on the processing of personal data

Purpose of the processing of personal data

Categories of personal data processed

Automated decision making


Legal basis and, where appropriate, legitimate interests

Receivers

Facebook-Pixel

Evaluate the effectiveness of our Facebook ads and build target audiences for our Facebook ads:

The "Facebook pixel" captures actions that users perform on our site (such as making a purchase) and reports those actions to Facebook.

Based on the information collected by Facebook, Facebook provides us with aggregated, anonymous measurement results for our Facebook advertisements.


In particular, it allows us to know whether users who receive our Facebook advertisements perform certain actions on our website, such as making a purchase (known as "conversions").

Facebook also gives us the ability, based on the information collected by Facebook, to reach people who have visited our site or performed a particular action on our site in the future via Facebook advertisements again and to optimize our types of audiences.


Facebook also enables us, based on the information collected by Facebook, to create similar audiences for us to reach people with our Facebook advertisements who have similar characteristics to the users of our website.

Facebook provides us with evaluations or other information based on the data collected only in aggregated, anonymous form. We cannot attribute the information provided to us to any natural person. The collection and processing of personal data is the responsibility of Facebook. We have no knowledge of the details of the processing of the data in Facebook's area of responsibility.

Facebook pixel HTTP data, Facebook pixel cookie data, Facebook pixel event data, Facebook pixel analysis data.

We do not make automated decisions in our area of responsibility.

We have no knowledge of the details of the processing of the data in Facebook's area of responsibility, in particular of any automated decision making.



Legal basis for Facebook to enable the collection of personal data via our website:

Article 6(1)(a) of the Basic Data Protection Regulation (consent).

We do not process any personal data in our area of responsibility. We have no knowledge of the details of the processing of the data in Facebook's area of responsibility, in particular of the legal basis used by Facebook for the processing.

Facebook.

Facebook provides us with evaluations or further information based on the collected data only in aggregated, anonymous form. We cannot assign the information provided to us to any natural person. The collection and processing of personal data is the responsibility of Facebook. We have no knowledge of the details of the processing of the data in Facebook's area of responsibility.

Facebook may also use the information collected via "Facebook pixels" for its own purposes or for the purposes of third parties, for example to create target groups for other advertisers.

The collection and processing of personal data is the responsibility of Facebook. We have no knowledge of the details of the processing of the data in Facebook's area of responsibility.

Facebook pixel HTTP data, Facebook pixel cookie data, Facebook pixel event data, Facebook pixel analysis data.

We do not make automated decisions in our area of responsibility.

We have no knowledge of the details of the processing of the data in Facebook's area of responsibility, in particular of any automated decision making.

Legal basis for Facebook to enable the collection of personal data via our website:

Article 6(1)(a) of the Basic Data Protection Regulation (consent).

We do not process any personal data in our area of responsibility. We have no knowledge of the details of the processing of the data in Facebook's area of responsibility, in particular of the legal basis used by Facebook for the processing.


Facebook.



      1. Details on the recipients of personal data and the transfer of personal data to third countries and / or to international organisations


receivers

Role of the recipient

Recipient's seat

Adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations

Facebook:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA.

Responsible for the collection and processing of personal data by the Facebook pixel.

USA.

Facebook is certified under the EU-US privacy shield:

https://www.privacyshield.gov/participant?id=a2zt000000000GnywAAC&status=Active.

A Commission adequacy decision exists for the EU-US Privacy Shield:

http://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016D1250.



    1. Use of the registration function for hotels

On the website we offer you the possibility to register a hotel for the booking platform and to present it on our portal. We process the information you provide in the registration form to conclude a membership contract for the use of our booking platform. If necessary, we may also store the information for evidence purposes for the assertion, exercise or defence of legal claims or for the fulfilment of legal, in particular commercial and tax law, storage obligations.

When using the registration form on the website, the browser used on your terminal device sends certain information to the server of our website for technical reasons, such as your IP address. We process this information to provide the registration form on the website.

More detailed information is provided below:

      1. Details of the personal data processed

Categories of personal data processed

Personal data included in the categories


Data sources

Obligation to provide data

storage period

Protocol data that is technically generated when the registration form is called up on the website via the Hypertext Transfer Protocol (Secure) (HTTP(S)) ("HTTP data").

IP address, type and version of your Internet browser, operating system used, date and time of access.

Users of the website.

Provision is not required by law or contract or required for the conclusion of a contract. There is no obligation to provide the data.

If the data is not provided, we cannot provide the content accessed on the website.

Data is stored in server log files in a form that enables identification of the persons concerned for a maximum period of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack).

In the event of a security-relevant event, server log files are stored until the security-relevant event is eliminated and fully resolved.

Data that we collect during registration for our website ("Registration Form Data").

This includes the information you provide to us in the registration form on the website (in particular the following mandatory information): Hotel name, salutation, name, address and e-mail address) as well as your login name and password.

Users of the website.

Provision is required for the conclusion of a contract.

In case of non-availability of data, you cannot register your hotel for our booking portal.

Data will be stored until the termination of the membership contract.

We also retain this data for evidentiary purposes for the possible assertion, exercise or defence of legal claims for a transitional period of three years and in the event of any legal disputes until their termination.

In addition, we store this data to the extent that statutory, in particular commercial and tax law, storage obligations exist. Depending on the type of document, commercial and tax retention obligations of six or ten years may exist (§ 147 Abgabenordnung (AO), § 257 Handelsgesetzbuch (HGB)).



      1. Details on the processing of personal data

Purpose of the processing of personal data

Categories of personal data processed

Automated decision making


Legal basis and, where appropriate, legitimate interests

Receivers

In order to provide our registration form on the website, HTTP data is temporarily processed on our web server.




HTTP-Data

No automated decision making takes place.


Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the provision of the content of the website accessed by the user.

Hosting-Provider

Conclusion of a membership contract for the use of our booking platform.

Registration form data.

No automated decision making takes place.

Implementation of pre-contractual measures (Article 6(1)(b) of the basic Regulation on data protection).

Otherwise: balancing of interests (Article 6(1)(f) of the basic Regulation). In this case, it is our legitimate interest to process your request.



-

Provision of the area of our website accessible only to registered hotels.

In the login area for hotels you can change and maintain the registration form data and present the hotel on our platform. For this purpose you can upload information about the hotel (especially pictures, conference rooms and room categories, descriptions and offers) and design the hotel profile according to your wishes.

Registration form data.

No automated decision making takes place.

performance of a contract (Article 6(1)(b) of the basic Regulation on data protection).

Hosting-Provider

Storage and processing for evidence purposes for the possible assertion, exercise or defence of legal claims.

Registration form data.

No automated decision making takes place.

Balance of interests (Article 6(1)(f) of the basic data protection Regulation). Our legitimate interest is the assertion, exercise or defence of legal claims.


Storage of data for the fulfilment of legal, in particular commercial and tax law, storage obligations.

Depending on the type of document, commercial and tax retention obligations can last for six or ten years (§ 147 Abgabenordnung (AO), § 257 Handelsgesetzbuch (HGB)).

Registration form data.

No automated decision making takes place.

Compliance with a legal obligation (Article 6(1)(c) of the basic data protection Regulation).




      1. Details on the recipients of personal data and the transfer of personal data to third countries and / or to international organisations

Receivers

Role of the recipient

Recipient's seat

Adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations

Hosting-Provider

processors

EU (Germany)

-


    1. Use of an online map service plug-in

The website incorporates a so-called third-party plug-in, with which we can use the online map service Google Maps on the website. The plug-in is integrated into the website. With this solution, the plug-in is activated directly when the website is called up.

If you activate the third-party plug-in, you use a functionality offered by the provider of the plug-in under his own responsibility, which is only visually embedded in the presentation of our website. When activating the plug-in, the provider of the plug-in may receive personal data from you. When activating the plug-in, the provider of the plug-in may also use cookies (-> Section D).

You will find more detailed information on this in the following:

      1. Online map service plug-in integrated on the website

The following third-party plug-ins are included on the Website that allow you to use the functionality offered on the Website by the following third-party vendors:

third-party providers

third-party plug-in


Further information from the provider about the third-party plug-in

Adequacy decision or appropriate or proportionate safeguards for transfers to third countries and/or international organisations

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA („Google“)

Google Maps

You can find more information about the functionality in the description of the providers:

https://developers.google.com/maps/

Further information on data processing by the provider can be found in the provider's data protection information:

https://www.google.com/policies/privacy/




Google is under the

EU-US data protection shield certified:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

A Commission adequacy decision exists for the EU-US shield:

http://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016D1250.




      1. Processing of personal data by Google as the provider of the third-party plug-in

The third-party plug-in is integrated on the website. With this solution, the plug-in is activated directly when the website is called.

When the plug-in is activated, the provider of the plug-in (comparable to calling an external Web page via a link) can receive your IP address and the address (URL) of the Web page from which you are activating the plug-in. In addition, the provider of the activated plug-in can receive information from any cookies stored in your internet browser. The provider of the plug-in can therefore already receive the information that our website was accessed under the IP address assigned to you at the time the plug-in was called when you initiated the activation of the respective plug-in. If you are registered with the third-party provider as a user, the provider of the plug-in can usually also assign the data received to your user account. We would like to point out that we have no knowledge of the data specifically collected by the provider of the plug-in. In addition, we have no knowledge of the concrete purposes of the processing of the collected data by the provider of the plug-in or of further details of the provider's data processing. In particular, we do not know whether the provider processes the collected data solely for the purpose of providing the functionality of the plug-in (e.g. for sharing certain content or submitting a comment) or for other purposes (e.g. for creating user profiles or personalising advertising).

  1. Information about the use of cookies

We use cookies in connection with the booking platform. We use the processing and storage functions of the browser of your terminal device and collect information from the memory of the browser of your terminal device.

You will find more detailed information on this below.

    1. General information about cookies

Cookies are small text files containing information that can be placed on the user's terminal device via the browser when a website is visited. The cookie and the information stored on it can be retrieved when the website is called up again using the same terminal device.

      1. First- and Third-Party-Cookies

Depending on where a cookie originates from, so-called first-party cookies and third-party cookies can be distinguished:

First-Party-Cookies

Cookies that are set and retrieved by the website operator as the person responsible for the processing or by an order processor commissioned by him.

Third-Party-Cookies

Cookies that are set and retrieved by data controllers other than the website operator who are not contract processors on behalf of the website operator.



      1. Transient and persistent cookies

Depending on the validity period, so-called transient and persistent cookies can also be distinguished:



Transient Cookies (session cookies)

Cookies that are automatically deleted when you close your browser.

Persistent Cookies

Cookies that remain stored on your end device for a certain period of time after closing the browser.



      1. Cookies without and requiring consent

Depending on their function and purpose, the use of certain cookies may require the user's consent. In this respect, cookies can be differentiated according to whether the user's consent is required for their use:

exemption from consent cookies

Cookies, the sole purpose of which is to carry out the transmission of a message via an electronic communications network.

Cookies that are absolutely necessary for the provider of an Information Society service that has been expressly requested by the subscriber or user to provide this service ("Absolutely Required Cookies").

Cookies requiring consent

Cookies for all purposes other than those mentioned above.


    1. Management of cookies used on this website

      1. Consent to the use of cookies and management of cookies via cookie dashboard

Insofar as the user's consent is required for the use of certain cookies, we will only use these cookies for your use of the website if you have given your prior consent. Information on whether consent is required for the use of a cookie can be found in the information on the cookies used on this website in Section D.III. of this cookie information.

When you visit our website, we display a so-called "cookie banner" in which you can declare your consent to the use of cookies on this website by pressing a button. By clicking on the button provided for this purpose, you have the opportunity to consent to the use of all cookies described in detail in Section D.III. of this Cookie Information. Alternatively, by clicking on the "Cookie Dashboard" button, you can make an individual selection of cookies. In the "Cookie Dashboard" of this website, you also have the option of customising the selection you make at a later date.

We also store your consent and, if applicable, your individual selection of cookies in the form of a cookie ("opt-in cookie") on your terminal device in order to determine whether you have already given your consent when you call up the website again. The opt-in cookie has a limited validity of 6 months.

Unconditionally required cookies cannot be deactivated via the cookie administration function of this website. However, you can deactivate these cookies generally in your browser at any time.

      1. Administration of cookies via browser settings

You can also manage the use of cookies in the settings of your browser. Different browsers offer different ways to configure cookie settings in your browser. Further detailed information on this can be found, for example, at http://www.allaboutcookies.org/ge/cookies-verwalten/.

However, we would like to point out that if you generally deactivate cookies in your browser, some functions of the website may not function properly or at all.

    1. Cookies used on this website

The following cookies may be used on this website:

Designation

First Party / Third Party

Purpose and content

Validity

Need for consent

Opt-In-Cookies

top10entities

First Party

Absolutely necessary cookie for storing your consent and, if necessary, your individual selection for the use of cookies on your terminal device in order to determine whether you have already given your consent when you call up the website again.

Persistent:
6 months

No.

Google Analytics-Cookies

SL_C_23361dd035530_KEY

First Party

Use Google Analytics, a web analytics tool, to measure and analyse usage patterns on our website to improve the site (→ Section C of this Privacy Statement).

Dieser Cookie speichert die Anzahl der Besuche jedes Besuchers und den Zeitpunkt des ersten Besuchs, die früheren Besuche und den aktuellen Besuch.

Persistent:
2 years

yes.

PHPSESSID

First Party

Use Google Analytics, a web analytics tool, to measure and analyse usage patterns on our website to improve the site (→ Section C of this Privacy Statement).

Dieser Cookie wird verwendet, um die Anforderungsrate zu drosseln

Transient

yes.

agency_dashboard_firstlogin

First Party

Use Google Analytics, a web analytics tool, to measure and analyse usage patterns on our website to improve the site (→ Section C of this Privacy Statement).

This cookie is used to track how long a visitor stays on a website, i.e. when the visit begins and when it ends.

This cookie stores the time at which a visitor leaves a page.

Persistent:
30 minutes

yes.

agency_dashboard_howto

First Party

Use Google Analytics, a web analytics tool, to measure and analyse usage patterns on our website to improve the site (→ Section C of this Privacy Statement).

This cookie stores the visitor category to which a user belongs.

Persistent:
2 years

yes.

Facebook -Pixel-Cookies

Facebook Pixel-Cookies.

First Party

The information collected is used to evaluate the effectiveness of our Facebook ads and to build target groups for our Facebook ads. In addition, Facebook may use the information for its own purposes or for the purposes of third parties, such as creating target groups for other advertisers.

6 months

yes.

Third party plug-in cookies

_fbp

Third Party

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

Persistent:
6 months

No.

_ga

Third Party


Persistent:
6 months

yes.

_gcl_au

Third Party


Persistent:
6 months

yes.

_gid

Third Party


Persistent:
6 months

yes.



  1. Status and changes of this data protection information

This data protection information has the status: 31.03.2019.

Due to technical developments and/or changes in legal and/or official requirements, it may be necessary to adapt this data protection information.

The current data protection information can be called up at any time under www.mice-access.com.



Art of Travel | Email: vincent@artoftravel.eu | Phone: +420 224 239 250