Privacy policy
Status: 5.2018
Version 1.0
Purpose of the Privacy Policy
We, the Traveltainment GmbH, take the protection of your personal data very seriously and we strictly adhere to the rules of the data protection laws.
On this website personal data is collected only to the extent that is technically necessary.
In no case the collected data is sold or transmitted to third parties for non-commercial purposes.

Name and address of the controller
The Controller within the meaning of the EU General Data Protection Regulation (“GDPR”) and other national data protection laws of the member states as well as other provisions under data protection law is:
 
Traveltainment GmbH
Carlo-Schmid-Straße 12
D-52146 Würselen/Aachen
T: +49 (0)2405 4484 0
F: +49 (0)2405 4484 90
E-Mail: [email protected]

You can find further details in the masthead.
Should you have any questions relating to this Privacy Policy please contact us by e-mail under the following address: [email protected].

Contact data of the data protection officer
The data protection officer of Traveltainment can be reached by normal mail under Data protection officer, Traveltainment GmbH, Carlo-Schmid-Straße 12, D-52146 Würselen/Aachen, Germany or by e-mail to [email protected].

An initial overview
We would like to initially give you a general overview of the contents of our privacy policy.

It is very important to us that you get all required information about data protection in an easily comprehensible and transparent way. In different parts of this privacy policy you have the opportunity to view in-depth further information by means of clicking on a link or to directly read individual parts of this policy.
As you are probably aware, a modern website that equally reflects the requirements of the user and the website operator only works when certain personal data are processed. We initially explain what personal data are. You then learn what kind of personal data we collect and how we process them. Finally, we explain in detail how the processing of personal data is determined by your use of the website.

What are personal data?
Personal data is any information, which refers to an identified or identifiable natural person. This is therefore all data, which identifies you as an individual or makes you identifiable. For example name, postal address, telephone number, e-mail address.

The processing of personal data is only carried out if this is permitted by statutory regulations.

We will present to you in detail below, which personal data we collect, how and why we process these and on which legal basis this takes place.

Which personal data do we process?
First priority is that we only process personal data if this is permitted by statutory regulations. We follow the principle of processing as few personal data as possible, but as many as required for the services we offer. In the end, you as a customer benefit from this, as we are able to even better adapt our offers and services to your needs.

The type of the personal data which we collect is decisively determined according to how you use the website.

We process (e.g. in case of a newsletter registration or when the contact form is used) your name, company, e-mail address and address.

How we use the personal data entered by you
We use the entered personal data for the following purposes:
  • In order to process your inquiries (e.g. in order to have news and updates sent to you and in order to answer your questions).
  • In order to obtain remarks and comments (e.g. within the scope of a survey).
  • In order to send you important information with regard to the website, changes to our business terms and conditions and guidelines and/or other administration-related information.
  • If you consent or if permitted by virtue of the law in order to inform you by e-mail about products and services, special and promotion offers and to send you other marketing material that could possibly be of interest to you.
  • If you have consented in order to evaluate your usage behavior with regard to the newsletters sent by us, operated websites and the used links or executed downloads for a better and more personal service.
  • In order to enable you to participate in prize draws, competitions and similar advertising actions (collectively referred to as “advertising actions”). You should read the rules, if available, of each advertising action, in which you take part, carefully as under certain circumstances they contain important additional information about the use of your personal data. Insofar as the provisions of such rules with regard to the handling of personal data stand in contradiction to this Privacy Policy, the provisions of the respective rules shall be deemed as decisive.
  • For internal business purposes, e.g. data analysis, audits, development of new products, extension of our website, improvement of our services, identification of trends for use and assessment of the effectiveness of our advertising campaigns.
The legal framework for the use of your personal data
The use of the entered personal data is only carried out as envisaged in the EU General Data Protection Regulation (GDPR):
  • If necessary for the processing of personal data, we will obtain your consent pursuant to Art. 6 Para. 1 lit. a.
  • If the processing of your personal data serves to fulfil a contract, in which you participate as a contractual party, Art. 6 Para. 1 lit. b GDPR is the legal basis. This shall also apply to processing activities, which are necessary for the execution of pre-contractual measures.
  • If we process your personal data in order to fulfil a legal obligation, this is based on Art. 6 Para. 1 lit. c GDPR.
  • If vital interests of the data subject or another natural person renders a processing of personal data necessary this shall take place owing to Art. 6 Para. 1 lit. d GDPR.
  • If the processing is necessary in order to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedom of the data subject do not outweigh the first mentioned interest then Art. 6 Para. 1 lit. f GDPR will serve as a legal basis for the processing.
If you follow this link you can read the entire text of the GDPR law.

After this general overview we would like to fully inform you about which of your personal data we process. The type and the scope of the personal data, which we process are decisively determined according to how you use our website. Moreover, it is also decisive which information you state when using the website. We and other service providers process the information you state at different times when using the website to different degrees, depending on the type of use of this website.

The possible types of use of the website
In the following we outline the different possible uses of our website. For each individual case we explain which personal data we collect, for which purpose and on which legal basis this takes place.
  • Information procurement regarding the company and its products
  • Contacting
  • Order form Traveltainment Bistro Portal test version
  • Registration form Traveltainment Newsletter
  • Forwarding to the registration for the Amadeus Newsletter
What happens when you merely pay a visit to our website in order to inform yourself about us?
With the mere informational use of our website, i.e. if you do not register or otherwise send information, we will only collect the personal data, which your browser transmits to our server. If you wish to view our website, we will collect the following data, which are necessary for us from a technical point of view in order to display our website to you and to guarantee the stability and security, the legal basis is Art 6 Para. 1 S. 1 lit. f GDPR:

Technical data:
These include
Your IP address,
Your registration data,
Type and version of your browser,
Your time zone setting,
Type and version of your browser plugins,
Your operating system and your platform.

Non-personal data:
Collected information relating to your use of the website, your full URL-click stream (Uniform Resource Locator), via the and from the website (with details of data and time), the products displayed or searched for by you, answer times of the sites, download errors, duration of the display of certain sites, information relating to the site interactions (e.g. scrolling, clicking and mouse-over) as well as the methods used to leave the site.

We automatically process information which your browser transmits to us in your Server Log Files. This includes:
  • Browser type/version
  • Used operating system
  • Referrer URL (previously visited page)
  • Host name of the accessing computer (IP address)
  • Time of the server request.
We cannot assign these data to certain persons. These data are not merged with other data sources, the data are deleted within five days.

What happens to your personal data when you have left our website after a mere informational visit?
If you have sufficiently informed yourself about us on our website and left it again without, for example, having registered for our newsletter or carrying out any further action, we will automatically delete your data, which are necessary for the operation of our website, within 5 days after the respective session was ended (i.e. after you closed the browser window).

The aforementioned shall apply to the visit to our website purely for informational purposes. Our website, however, offers many different possibilities for usage and contact. Depending on which offers you use, your personal data will be stored and processed to a varying extent. Below we have presented for you in detail what the respective type of usage means for the handling of your personal data.

Why we use cookies on our website
Traveltainment and other service provider record details in relation to your person by using cookies.

What is a cookie?
A cookie is a text file with small quantities of information, which is downloaded onto your device (computer, mobile device) when a website is visited. A cookie is sent back to the original website with each visit to the website or a website, which recognizes this cookie. Cookies are helpful as websites can recognize the device of a user with the help of cookies.

Which types of cookies are there?
There are two main types of cookies: Session Cookies and Persistent Cookies.

Session Cookies are only allocated to your computer or mobile device for the duration of the visit to a website and will be deleted as soon as you close the browser.

Persistent Cookies on the other hand, are stored on your device until they are deleted or expire.

Which cookies are used on this website?
Absolutely necessary cookies
These are necessary in order for you to be able to navigate on the website and can use its functions, e.g. with the access to secure areas of the website. Without these cookies services requested by you cannot be made available. These cookies do not collect any information about you, which can be used for marketing purposes. We have a legitimate interest in the use of these cookies as otherwise you cannot use our website, or we cannot present our website to you in a functional manner.

Functional cookies
These collect information concerning how this website is used by you. For example, information can be collected regarding which pages you have visited more frequently or when you have received an error message from one of the pages on this website. These cookies do not collect direct information, which identifies you.

Functionality cookies
With the help of these cookies the website can remember your individual settings, the preferred language or the region, in which you are located. The website subsequently uses this information to provide improved functions. These cookies can also be used in order to remember changes, which you have made to text size, font and other adjustable parts of the website. Even if the information collected by these cookies is anonymous, these cookies can identify you in combination with other data, because they track certain information of your internet provider for your settings.

Target-oriented cookies
These cookies collect various items of information about your surfing habits. These cookies store that you have visited various websites, and transmits the information to other companies, e.g. advertising companies. The pursued purpose is to display target-oriented advertising to you, which are more relevant for you and your interests. Although these cookies can track your visits to websites in the internet, the cookies themselves do not usually know where you are located. Without these cookies the online advertisements displayed to you are of less relevance for you and your interests.

How can cookies be restricted or blocked?
You can adjust the settings of your browser so that cookies, which are set by the website (or another website in the internet), are restricted or blocked. In your browser you will find information about the adjustment to your settings. On www.allaboutcookies.org you will find general information about cookies as well as the adjustment of cookie settings for the various browsers.

Cookie list
__cfduid
This cookie is set by Cloudflare Inc. to recognize end devices and to increase the security of this site.

Here you will find more information::
https://support.cloudflare.com/hc/en-us/articles/205177068-Step-1-How-does-Cloudflare-work-

https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-Cloudflare-cfduid-cookie-do-
Collected personal data:
Unique device ID

Transfer of the data:
The device ID is passed on to Cloudflare Inc.
Storage duration of the cookie:
This is a persistent cookie that expires after 1 year. Every time you visit the expiration date is reset to 1 year.
Privacy Policy of the cookie provider:
https://www.cloudflare.com/security-policy/
ewafut
These cookies are set by the SC-Networks GmbH to collect data for newsletter use.
Collected personal data:
Date and time, Browser, Referrer, User agent, Clicked links


Transfer of the data:
The collected data is passed on to the SC-Networks GmbH.
Storage duration of the cookie:
This is a persistent cookie that expires after 2 years.
ewafutano
These cookies are set by the SC-Networks GmbH to collect data for newsletter use.
Collected data anonymous:
Date and time, Browser, Referrer, User agent, Clicked links


Transfer of the data:
The collected data is passed on to the SC-Networks GmbH.
Storage duration of the cookie:
This is a persistent cookie that expires after 2 years. Every time you visit the expiration date is reset to 2 year.
midih_jiiq_8k6_hm05m8
These cookies are set by the SC-Networks GmbH to collect data for newsletter use.
Collected personal data:
Date and time, Browser, Referrer, User agent, Clicked links


Transfer of the data:
The collected data is passed on to the SC-Networks GmbH.
Storage duration of the cookie:
This is a persistent cookie that expires after 1 month. Every time you visit the expiration date is reset to 1 month.
PHPSESSID
This cookie is set by Traveltainment and allows us to recognize you while using our website.
Collected personal data:
Unique session ID


Transfer of the data:
No personal data is disclosed.
Storage duration of the cookie:
This is a session cookie that is deleted when the browser is closed.
Traveltainment is the cookie provider.
qtrans_front_language
This cookie is set by Traveltainment and stores the language in which you view our website.
Collected personal data:
Language

Transfer of the data:
No personal data is disclosed.
Storage duration of the cookie:
This is a persistent cookie that expires after 1 year. Every time you visit the expiration date is reset to 1 year.
Traveltainment is the cookie provider.
Applications and application procedures
If you apply to us for a position in our company, we process your personal data for the purpose of the handling of the application procedure. The processing can also take place by electronic means. This takes place if you send us your application documents by electronic means, e.g. by e-mail or via a web form provided on our website. In case of the conclusion of an employment contract with an applicant we store the transmitted data for the purpose of the handling of the employment relationship upon observance of statutory regulations. If no employment contract is concluded with the applicant, we automatically delete the application documents two months after the notification of the refusal. This doesn’t apply if we have other legitimate interests that are opposed to a deletion. A legitimate interest in this sense is e.g. a burden of proof in a procedure according to the General Equal Treatment Act (AGG).

Newsletter registration
On our website you have the possibility to register for free for our newsletter or for the Amadeus newsletter. If you sign up for the newsletter we will regularly provide you with news worth knowing about our company and about products of our company.

If you want to receive our newsletter, you have to register for the respective dispatch on our website or in writing and have a valid e-mail address.

With the registration for our newsletter we process the personal data requested from you in the input mask. These personal data are transmitted to specialized technical service providers and communication agencies for order processing via an encrypted connection. In addition, we store the IP address allocated by the Internet-Service-Provider (ISP) of the computer system used by the relevant person at the time of the registration as well as the date and the time of the registration. With the dispatch of the form the personal data you entered in the respective input mask are processed to send the newsletter.

For the newsletter registration a double-opt-in procedure is used. For this purpose an e-mail with a confirmation link is sent to the indicated address after dispatch of the completed form. This e-mail includes a link which has to be clicked to confirm the registration. The newsletter registration is only effective after this step.

The following data are collected during the different steps of the newsletter registration:
Entry/modification (via web form): entry type (new or modification), date and time, IP address
Confirmation (via link from double-opt-in request): date and time, IP address
Deregistration (via link from the newsletter list): date and time, IP address, deregistration status

The legal basis for the data processing is Art. 6 Para. 1 lit. a) GDPR.

We exclusively use your personal data, which you have provided to us with the registration for the newsletter, for sending the newsletter. To prepare and dispatch the newsletter we employ specialized technical service providers as well as marketing agencies. We forward your personal data to these service providers. We do not forward these data to other third parties, if there is no statutory obligation for the forwarding or this serves the purpose of criminal prosecution.

You can unsubscribe from our newsletter at all times. In the newsletter you will find a corresponding link for this purpose. If you have unsubscribed from the newsletter we will delete the entered personal data.

Newsletter tracking
To further optimize our offers, we prepare usage profiles using pseudonyms. At the initial creation of the newsletter address a hash value is formed from the e-mail address. This is added to the scope analysis tool, it is completely separated from and cannot be calculated backwards to the e-mail address. In case of pseudonymized tracking it is not possible to deduce you as a person. This pseudonymization is not reversed.

The following usage data are collected in a pseudonymized way:
  • Opening of the newsletter and clicks (time and frequency)
  • Type of end device, browser and resolution
Contact form on our website / contact by e-mail
On our website we offer you the possibility to contact us via a contact form. Your personal data, which you enter in the contact form, will be transmitted to us and we store these.

For the contact form online travel portals we process the personal data you entered in the input mask.

For the contact form Traveltainment Bistro Portal test version we process the personal data you entered in the input mask.

As soon as you have sent the contact form to us we will process from you:
  • Your IP address
  • Date and time of the registration
We process the personal data you indicated when you send the respective form.

If you contact us via e-mail we will store and process the personal data transmitted to us with your e-mail.

Your personal data will not be forwarded to third parties if there is no statutory obligation for the forwarding or this serves the purpose of criminal prosecution. If contact is made per e-mail we will process your personal data based on Art. 6 Para. 1 lit. f GDPR. If the e-mail serves the conclusion of a contract or the execution of pre-contractual measures then Art. 6 Para. 1 lit. b GDPR is the legal basis for the data processing.

The personal data provided by you in the contact form or your e-mail will solely be used to process the communication with you. We use the personal data, which are processed during the sending process, in order to prevent misuse of the contact form and to secure our IT systems.

If your personal data is no longer required for the above mentioned purpose, we will erase it. If you contacted us via e-mail or the contact form, the erasure will take place as soon as the concern that ensues from the contact is ended, i.e. has been finally clarified./br>
We will delete the data, which are processed for the sending process, within 5 days.

Integration of the services of third parties
We have integrated YouTube videos into our online offer, which are stored on www.YouTube.com and can be played back directly from our website. These are all integrated in the “extended data protection mode”, i.e. no data about you as user are transmitted to YouTube if you do not play the videos back. Only when you playback the videos the data previously stated under plugins will be transmitted. We have no influence on this data transmission.

Forwarding of personal data to third parties
At the beginning of this privacy statement we explained to you for which purposes we process your personal data. We are an internationally organized company and part of the Amadeus Group. This entails that we have to forward your personal data to third parties in order to provide optimum services for you. This shall also include a cross-border exchange of personal data. This is decisive for the provision of our services.
Third parties, to which we transmit data are:
  • Business partners, suppliers, subcontractors and service providers for the execution of a contract, which we have concluded with these companies or with you.
  • In order to prove your identity towards all persons, to whom you send messages with information relating to the website directly via the website.
  • To sponsors of advertising actions (irrespective whether the advertising actions are organized by us) or otherwise in compliance with the rules applicable for the respective advertising action. You should read the rules, if available, of each advertising action, in which you take part, carefully as under certain circumstances they contain important additional information about the use of your personal data by sponsors or third parties. Insofar as the provisions of such rules with regard to the handling of personal data stand in contradiction to this Privacy Policy, the provisions of the respective rules shall be deemed as decisive.
  • To analysts and providers of search engines, which support us with the improvement and optimization of our website.
  • To group companies or to third parties in the event of a restructuring, a merger, a sale, a Joint Venture, an assignment, a transfer or all other disposals over the business operation, the fixed assets or the warehouse stocks/shareholdings in their entirety or in parts (including without a restriction in conjunction with insolvency or comparable proceedings).
It is of upmost importance to us particularly that your personal data are stored and transmitted in a secure manner. For this reason we only transmit data outside of the European Economic Area or the EEA (i.e. the member states of the European Union as well as Norway, Iceland and Liechtenstein) if this complies with the data protection law and the channel for the transmission offers appropriate protection for your personal data.

This is the case:
  • if a data transmission agreement is available, which includes the current standard contractual clauses, which the European Commission envisages for the transmission of personal data by responsible parties in the EEA to responsible parties and contract processors in legal systems without appropriate data protection law, or
  • by the signing of the EU-U.S. Privacy Shield Framework for the transmission of personal data from companies in the EU to companies in the USA or an equivalent agreement between other legal system, or
  • the transmission of your data to a country, in which a standard of data protection exists as stipulated by law that was assessed as appropriate by the European Commission, or
  • if it is necessary for the conclusion or the processing of a contract between us and a third party and the transmission is in your interest for the purpose of this contract (for example if we must transmit data outside of the EEA in order to fulfill our obligations from this contract if you are a customer of our company), or
  • if you have granted your consent for the data transmission.
In order to ensure that your personal data enjoy an appropriate degree of protection we have implemented suitable measures with third parties with which we share your personal data in order to ensure that your personal data are processed by these third parties in a manner that is consistent with the data protection rights that is in line with the data protection laws.

You can read the legal provisions of the GDPR concerning the forwarding of data to third parties in the full text here.

Security
In order to guarantee the protection of the personal data controlled by us, we take all organizational, technical and administration-related measures to a reasonable extent. Unfortunately, no 100% security can be guaranteed for data transmissions via the internet or for data storage systems. Please do not send us any confidential information by e-mail. If you have cause to assume that your interaction with us is no longer secure (if, for example, you are convinced that the safety of an account, which you have set up in our company, is no longer guaranteed), you must inform us of the problem without delay by contacting us using the contact information on the website (please note that if you contact us by normal post the processing of your problem by us may be delayed). Moreover, please note that the communication by e-mail is not inevitably secure. Accordingly, you should not enter any credit card information in your e-mail correspondence with us.

Duration of the storage / deletion
We have explained to you above for the respective individual case how long we store your personal data and when we delete them.

In general we will store your personal data during a deadline, which is required in order to fulfill the purposes stated in this Privacy Policy, unless a longer storage deadline is necessary or is permitted by virtue of the law.

If the purpose of the storage ceases to apply or if a storage deadline expires that is stipulated by the European body for the issue of Directives and Regulations or another responsible legislator, the personal data will be blocked or deleted as a routine and in compliance with the statutory regulations.

Instruction regarding the use of the website by children
The website is not oriented to individuals under the age of eighteen (18) years old. We request these persons not to make any personal data available via the website.

Rights of the data subjects
According to the GDPR you are entitled to the following rights against us:
Right of access by the data subject pursuant to Art. 15 GDPR
Right to rectification Art. 16 GDPR
Right to erasure (“right to be forgotten”) Art. 17 GDPR
Right to restriction of processing Art. 18 GDPR
Right to notification Art. 19 GDPR
Right to data portability Art. 20 GDPR

The following link https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&rid=1 leads you directly to the text of the GDPR law.

Separate information relating to the right of the data subject to file an objection Art. 21 GDPR
You have the right, for reasons, which arise from your special situation, to file an objection at all times against the processing of the personal data relating to you that is carried out owing to Art. 6 Para. 1 lit. e or f GDPR; this shall also apply to a profiling that is supported on these provisions.

We will no longer process the personal data relating to you, unless we can proof essential reasons worthy of protection for the processing, which outweigh your interests, rights and freedom, or the processing serves the assertion, exercising or defense against legal claims.

If the personal data relating to you are processed in order to conduct direct advertising you have the right to file an objection against the processing of the personal data relating to you for the purpose of such advertising at all times; this shall also apply to the profiling insofar as it is associated with such direct advertising.

If you object to the processing for purposes of direct advertising then the personal data relating to you will no longer be processed for these purposes.

Right to revocation of the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at all times. The lawfulness of the processing carried out owing to the consent until the revocation will not be affected by the revocation of the consent.

This right is concluded from Art. 7 Para. 3 GDPR. This link will lead you directly to the text of the GDPR law.

Right to lodge a complaint at a supervisory authority
Irrespective of any other legal remedy under administrative law or in court you are entitled to the right to lodge a complaint at a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement if you are of the opinion that the processing of the personal data relating to you breaches the GDPR.

The supervisory authority, at which the complaint was lodged, will inform the complainant about the status and the results of the complaint including the possibility of a legal remedy in court according to Art. 78 GDPR.

Print Friendly, PDF & Email