Datenschutzerklärung Servento Boardinghouse

Data protection

1 Information on this Privacy Policy

Thank you for your interest in our company. The management team at SERVENTO BOARDINGHOUSE attaches great importance to data protection.

If you use certain services provided by our company, e.g. our website, we will need to process your personal data. Within the meaning of the stipulations under data protection law you are then a "data subject" - therefore you shall also be called data subject hereinafter.

When processing personal data like the name, address, phone number or email address of data subjects, we shall always observe the provisions of the General Data Protection Regulation and the applicable data protection regulations in the relevant country.

If there is no legal basis for the processing of personal data, we shall generally obtain the consent of the data subject before carrying out processing.

The aim of this Privacy Statement is to inform the public about the nature, scope and purpose of the personal data that we collect, use and process. We would also like to inform data subjects about their rights.

SERVENTO BOARDINGHOUSE GmbH takes various technical and organisation measures to ensure the best possible protection of the personal data it processes. Nevertheless, the transfer of personal data via the Internet may be affected by security issues, and so it is not always possible to guarantee complete protection. Each data subject is therefore free to transmit such data to us by other means, such as over the phone.

2 Terminology

The terminology below is used in accordance with the definitions set forth in Art. 12 Para. 1 General Data Protection Regulation (GDPR) and Section 2 German Federal Data Protection Act [Bundesdatenschutzgesetz - BDSG]. The text of the GDPR can be viewed here: https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679&from=DE, the text of the BDSG here: https://www.gesetze-im-internet.de/bdsg_2018/BJNR209710017.html.

3 Contact information

The "Controller" within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:

SERVENTO BOARDINGHOUSE GmbH

Großreuther Straße 70

D-90425 Nürnberg

Tel.: +49 911-93425-743

Email: info@servento-boardinghouse.de

Website: www.servento-boardinghouse.de

The object of SERVENTO BOARDGINGHOUSE GmbH is the rental and letting of real estate as well as the operation of a boarding house, thus the letting of a furnished room incl. further services for a limited period of time.

Pursuant to the requirements of the General Data Protection Regulation and the German Federal Data Protection Act it is not necessary to name a data protection officer for SERVENTO BOARDINGHOUSE GmbH. Data subjects can always contact us directly with any questions or suggestions regarding data protection.

4 General instructions regarding the use of the website

We make every effort to ensure the security of the personal data of data subjects within the scope of the applicable data protection laws and technical possibilities. Any personal data entered on our website shall be transferred to us in an SSL-encrypted format (Secure Sockets Layer).

However, we would like to point out that data transferred, e.g. when communicating by e-mail, may have security issues. Data cannot be completely protected against third-party access. We shall safeguard your data by taking technical and organisational measures that are regularly updated to reflect the current state of the art. We cannot guarantee the uninterrupted availability of our website; faults, interruptions and failures cannot be ruled out. Regular and careful back-ups are carried out on our servers.

4.1 Contact via our website

The data subject has the possibility to contact us through (a) contact form(s) of our website by entering personal data. Which personal data are transmitted to us in this case, can be seen from the respective input mask that is used for making contact. The consent of the data subject granted before sending the contact form serves as a legal basis for the processing pursuant to Art. 6 Para. 1 lit. a EU General Data Protection Regulation (GDPR). The personal data provided by the data subject are exclusively collected and stored by us for internal use and for own purposes. We can arrange for the forwarding to one or more contract data processors, for example a parcel service provider, which shall also exclusively use the personal data for an internal use that is to be attributed to us.

Furthermore, through a contact via our website the IP address allocated by the Internet-Service-Provider (ISP) of the data subject, the date as well as the time when contact was made are stored. The storage of these data is carried out against the background that only this way can the misuse of our services be prevented and these data, if required, enable the clarification of committed criminal offences. Insofar the storage of these data is necessary for our protection. These data are principally not forwarded to third parties if no statutory obligation exists for forwarding or the forwarding serves the criminal prosecution.

The contact of the data subject with the voluntary provision of personal data serves us to offer the data subject contents or services, which by the nature of the matter can only be offered by a contact. Data subjects have the possibility to change the personal data provided when making contact at any time or to have these completely erased from our database.

We shall provide each data subject upon request information at any time regarding which personal data are stored in relation to them. Furthermore, we shall rectify or erase personal data upon request or with an indication of the data subject, insofar as this is not opposed by any statutory storage obligations. Our staff shall be available as a contact to the data subject in this context.

4.2 Cookies

Our website uses cookies. Cookies are text files that are saved on a data subject’s IT system via or by that person’s browser. If the data subject calls up our website cookies may be stored on the IT system of the data subject. These cookies contain characteristic strings, which enable a clear identification of the browser when the website is called up again.

4.2.1 Technically necessary cookies

In order to guarantee the functionality of our website, but also to fulfil legal obligations, we use technically absolutely essential cookies. These cookies contain information about the visit (IP address, time of page view, device and browser information) as well as data about the use of the website (e.g. granting of consent to the processing of your personal data, selected language, booking information). The legal basis for the processing of personal data using technically necessary cookies is Art. 6 Para. 1 lit. b (performance of contract) and lit. f (legitimate interest) GDPR.

The purpose of the use is to enable the use of websites for the data subject.

Some features of our website, for example the booking system, cannot be offered without the use of cookies.

Data subjects can disable or restrict the transfer of cookies by altering the settings in their browser. Saved cookies may be deleted at any time. This may also be done automatically. You can find the cookie settings in the help function of your browser. If cookies are deleted or deactivated, it may no longer be possible to use all the functions of the website to their full extent.

4.2.2 Technically unnecessary cookies

We additionally use cookies on our website, which enable an analysis of the surfing behaviour of the users. This way the following data can be transmitted: (1) Entered search terms, (2) frequency of site call-ups, (3) use of website functions, (4) the data of the users collected in this way are pseudonymised by using technical precautions. This means the data cannot be associated with a particular user. The data is not stored alongside other personal user data. When visiting our website for the first time a window with the name "Choose your data protection settings" opened. By clicking on "Analysis", you give us your consent pursuant to Art. 6 Para. 1 S. 1 lit. a GDPR to set the analysis cookies. You can revoke your consent by deleting the cookies saved by us in your browser. You can find the cookie settings in the help functions of your browser.

4.3 The Collection of General Data and Information

We collect, store and use access data each time our website is visited (server logs). This access data includes the name and URL of the requested file, the date and time of the request, the volume of data transmitted, the notification of the successful request (HTTP response code), the browser type and version, the operating system, the referrer URL (the previously visited page), the IP address and the requesting provider.

This log data is not matched to a specific data subject or used for any other forms of profiling; we use it to carry out statistical evaluations in the interest of running, protecting and optimising our website, as well as to anonymously record the number of visitors to our website (traffic), to evaluate how and to what extent our website and services are used, and to measure the amount of clicks received by our cooperation partners and bill them accordingly. This information lets us provide personalised and relevant content for specific locations, analyse our traffic, carry out troubleshooting and improve our services. If there is concrete evidence to suggest the unlawful use of our website, we reserve the right to retrospectively inspect our log files. We store IP addresses in log files for a limited period whenever this is necessary to ensure security, provide our services or invoice for our services, e.g. when data subjects use one of our services. We shall also store IP addresses if we have a concrete reason to suspect a crime related to the use of our website.

4.4 Links/Redirection to Third-Party Websites

We use links on our website, which refer to own contents (within our website those of our group and integrated service providers) and to third party contents (e.g. sites of partners or social media).

Links to own contents are carried out as a text, which is underlined when pointing with the mouse. As content providers, we are responsible for these own contents according to Section 7 Para. 1 German Telemedia Act [Telemediengesetz].

Links to third party contents are carried out as a graphic, logo or symbol. We would like to point out that the third-party contents have own Privacy Policies and we do not assume any responsibility for these. As soon as you click on the link to a third-party content data will be transferred to this target. These are in particular:

Your IP address
the time you clicked on the link
address of the website from which you came
operating system and browser version of your terminal device (user agent)

We would also like to point out that the clicking on links may mean that the aforementioned data are transferred to non-European countries. If you do not wish this to be carried out, please click on no links to third party contents.

5 Special instructions regarding the use of the website as well as bookings

5.1 Instructions regarding the use of this website for informational purposes (no bookings)

The purpose of the processing of personal data is to enable the use of this website. This includes the provision of information about our company as well as the possibility to contact us.

The legal basis for this processing of personal data is the legitimate interest of our company to present itself online and to offer its services, i.e. Art. 6 Para. 1 lit. f GDPR.

If data processing is necessary for compliance with a legal obligation to which our company is subject, the legal basis for this shall be Art. 6 Para. 1 lit. c GDPR.

A storage of the personal data is only carried out if one of these legal bases exists. The personal data of the data subject shall be deleted or blocked as soon as it is no longer required for the purpose for which it was originally stored.

The personal data we collect shall not be used to carry out automated decision-making.

5.2 Instructions regarding the use of this website for booking purposes

The purpose of the processing of personal data is to conclude a contract regarding our services. This includes for example:

Contact with the data subject
Checking the identity of the data subject
Checking the creditworthiness of the data subject
Compliance with the statutory storage deadlines of incoming payments.
Processing of payment transactions

The legal basis for this processing of personal data is Art. 6 Para. 1 lit. b GDPR, as it concerns contractual measures.

If data processing is necessary for compliance with a legal obligation to which our company is subject, the legal basis for this shall be Art. 6 Para. 1 lit. c GDPR.

Over the course of the processing service providers are involved by us, for example for

the provision of our occupancy database
he creation of the interfaces of our occupancy database to booking service providers
the payment processing

For compliance with the data protection provisions agreements on data processing are concluded with these service providers pursuant to Art. 28 GDPR. This serves, among others, the contractual fixation of technical and organisational measures, which are in connection with the processing of the personal data of the data subject.

The personal data we collect shall not be used to carry out automated decision-making

5.3 Instructions regarding the booking through third party providers / booking service providers

If the data subject does not book our services directly via our website, but through a third-party provider, we will receive the personal data of the data subject from this third-party provider. Over the further course of the processing of personal data the information pursuant to Chapter "Instructions regarding the use of this website for booking purposes" shall apply.

6 Rights of Data Subjects

Data subjects may exercise the following rights by contacting us personally or by post at the address indicated above and by clearly proving their identity.

6.1 Right of Access

Data subjects may ask us to confirm whether we are processing their personal data. If we are processing such data, data subjects may ask us to provide the following information:

The purposes of the processing;
The categories of personal data concerned;
The recipients or categories of recipient to whom the personal data has been or will be disclosed;
The envisaged storage period for the personal data or, if exact information cannot be provided, the criteria used to determine the length of this period;
The right to request the rectification or erasure of the personal data or the restriction of data processing, or the right to object to such processing;
The right to lodge a complaint with a supervisory authority;
Any available information regarding the source of the data if it was not collected directly from the data subject;
The possible use of automated decision-making, including profiling, as described in Art. 22 Para. 1 and 4 GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.

Data subjects have the right to obtain information as to whether their personal data is transferred to a third country or international organisation. If their personal data is transferred to a third country or international organisation, they have the right to be informed of the appropriate safeguards for the transfer pursuant to Art. 46 GDPR.

6.2 Right to Rectification

If the personal data of data subjects is inaccurate or incomplete, they may ask us to rectify and/or complete this data. We must rectify the data without undue delay.

6.3 Right to Erasure

Data subjects may ask us to erase their personal data without undue delay, and we must then immediately erase their personal data, provided one of the following grounds applies:

The personal data is no longer required for the purposes for which it was collected or otherwise processed;
The data subject withdraws consent on which the processing is based according to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and there are no other legal grounds for the processing;
The data subject objects to processing in accordance with Art. 21 Para. 1 GDPR, and there are no overriding legitimate reasons for this processing, or the data subject objects to processing in accordance with Art. 21 Para. 2 GDPR;
The personal data has been unlawfully processed;
The personal data has to be erased to comply with a legal obligation in Union Law or the Member State legislation to which we are subject;
The personal data has been collected in relation to the services provided by information societies described in Art. 8 Para. 1 GDPR.

If we have made the personal data public and are obliged to erase it in accordance with Art. 17 Para. 1 GDPR, we shall consider the available technology and implementation costs and take reasonable steps, including technical measures, to inform any controllers processing the personal data that the data subject has requested the erasure of all links to such personal data and the destruction of any copies and replications thereof..

6.4 Right to the Restriction of Processing

Data subjects may ask us to restrict the processing of their personal data under the following conditions:

If they dispute the accuracy of their personal data for a period that allows us to verify its accuracy;
The processing is unlawful, and they oppose the erasure of the personal data and request the restriction of its use instead;
We no longer need the personal data for the purposes of the processing, but they require the data to establish, exercise or defend legal claims; or
They have objected to processing pursuant to Art. 21 Para. 1 GDPR and it has not yet been decided whether our legitimate grounds override theirs.

If the processing of their personal data has been restricted, it shall only be processed (with the exception of storage) with their consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the Union or a Member State.

If data processing has been restricted in accordance with the requirements described above, we shall inform data subjects before the restriction of processing is lifted.

6.5 Right to Data Portability

Data subjects may receive any personal data they have provided to us in a structured, commonly used and machine-readable format, and they may transmit this data to another controller without hindrance from us, provided:

The processing is based on consent pursuant to Art. 6 Para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR, or on a contract pursuant to Art. 6 Para. 1 lit. b; and
The processing is carried out by automated means. In exercising their right to data portability pursuant to Subclause 1, data subjects may have their personal data transmitted directly from us to another controller, provided this is technically feasible.

6.6 Right to Object to Data Processing

Data subjects may always object, on grounds relating to their particular situation, to the processing of their personal data which is based on Art. 6 Para. 1 lit. e or f GDPR, including any profiling based on those provisions. We shall then no longer process

their personal data, unless we can demonstrate compelling legitimate grounds for processing which override their interests, rights and freedoms, or unless their personal data is processed for the establishment, exercise or defence of legal claims.

If we process personal data for direct marketing purposes, data subjects may always object to the processing of their personal data for such marketing, including profiling to the extent that it is related to such direct marketing.

6.7 Automated Decision-Making (incl. Profiling)

Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or affects them in a similarly significant way. This shall not apply if the decision-making:

Is necessary for the conclusion or performance of a contract between the data subject and us;
Is authorised by Union Law or the Member State legislation to which we are subject, and which also lays down suitable measures for the safeguarding of the rights, freedoms and legitimate interests of data subjects; or
Is based on the data subject’s explicit consent.

6.8 Right to Revoke Consent to Data Processing

Data subjects may revoke their consent to the processing of their personal data at any time. The revocation of consent shall not affect the lawfulness of any processing carried out on the basis of their consent before its revocation.

6.9 Right to Lodge a Complaint with a Supervisory Authority

The data subject has the right to lodge a complaint at a supervisory authority, in particular in the member state of their place of abode, their place of work or the place of the presumed breach if they are of the opinion that the processing of the personal data relating to them is illegal.

7 Other Functions and Tools on this Website

7.1 Sharing of site content via social media buttons [Shariff or similar].

We offer users of our website the opportunity to share content from our website via their social media profiles. Plugins of the respective social media provider are used for this purpose. Often, such plugins transmit user data to the servers of the social media provider when the user accesses our website - regardless of whether the user clicks on the plugin or is a member of the social network.

This is different for us: by using a special technique ("Shariff" by CT magazine, https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html), a data connection to servers of the social media provider is only established as soon as the user clicks on the plugin. After the click, the link to our website is shared in the user's social media profile according to the user's respective privacy settings and functions of the provider - for example, to all his or her contacts or only to certain groups of people.

We use this function to increase our public awareness.

The legal basis for this processing of personal data is our legitimate interest in public awareness of our website content, pursuant to Art. 6 Para. 1 lit. f of the EU General Data Protection Regulation (GDPR).

We use plugins from the following providers:

7.1.1 Facebook

Facebook serves as a platform for exchanging news, views and opinions and enables the online community to provide personal or company-related information. In Facebook, users can, among other things, create profiles of themselves, upload photos and network through virtual friendships. If a data subject clicks on a Facebook button on our website Facebook will save this personal data and match it to the data subject’s personal Facebook user account. Data subjects may prevent this information from being submitted to Facebook by signing out of their Facebook account before visiting our website.

Facebook is operated by Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

At https://de-de.facebook.com/about/privacy/, Facebook publishes a data policy that provides information on the collection, processing and use of personal data by Facebook. In addition, the setting options of Facebook for protecting the privacy of the data subject are described there.

7.2 Web Marketing

7.2.1 Google AdSense

Google AdSense is integrated on our website. Google AdSense enables the placement of advertisements on third-party sites. Google AdSense uses an algorithm that selects the advertisements displayed on third-party sites according to the content of the respective third-party site. Google AdSense enables interest-based targeting of internet users, which is realised by creating individual user profiles.

Google AdSense components are operated by Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of using Google AdSense is to integrate advertising on our website. Google AdSense stores a cookie on the IT system of the data subject. By setting the cookie, Alphabet Inc. is able to analyse the use of our website. By visiting sub-pages of our website on which Google AdSense is implemented, the web browser automatically saves data on the IT system of the person concerned for the purpose of online advertising and commission settlement with Alphabet Inc. In doing so, Alphabet Inc. obtains knowledge of personal data, such as the IP address of the data subject. This serves Alphabet Inc., among other things, to trace the origin of visitors and clicks.

The data subject can object to the storage of cookies by our website by selecting the appropriate option in the Consent banner; in addition, cookies that have already been stored can be deleted at any time via the settings of the web browser.

When using Google AdSense, the above-mentioned personal data will be transferred to Alphabet Inc. in the United States of America and processed there. Alphabet Inc. may pass on the personal data collected via Google AdSense to third parties.

Further information on Google AdSense is available at https://www.google.de/intl/de/adsense/start/.

7.2.2 Google Ads

On our website, we use Google Ads as a service for Internet advertising. This allows advertisers to place advertisements in Google search engine results and in the Google Network. Specific keywords are determined by the advertiser in advance. If a user searches for one of the keywords in the Google search engine, the advertiser’s advertisement will be displayed as part of the search results.

Advertisements are distributed on relevant websites in the Google Network using an automated algorithm and in accordance with the defined keywords.

Google Ads is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We use Google Ads to advertise our website by displaying relevant advertising on third-party websites and in Google search engine results; we also use it to display third-party advertising on our own website.

Whenever data subjects access our website through a Google ad, a conversion cookie is placed on their IT system. This cookie loses its validity after 30 days and is not used to identify data subjects. If the cookie has not expired, it lets us see whether certain sub-pages have been accessed on our website (e.g. the shopping basket on our online store). The cookie also allows both us and Google to determine whether revenue has been generated by a data subject who accesses our website through an Ads ad, i.e. whether the data subject has completed or cancelled a purchase.

The information and data collected through the use of the cookie are also used by Google to generate statistics on our website visitors. We then use these statistics to determine the total amount of users who have been redirected to us through ads. This allows us to measure the success of each Ads ad and improve our Ads campaign as a whole. Neither we nor any other Google Ads advertiser shall receive any information from Google that might be used to identify data subjects.

The cookie described above is used to store personal data, such as the websites visited by each data subject. Each time our web pages are visited, personal data (including the IP address of the data subject’s Internet connection) is transferred to Google in the USA. This personal data is then stored by Google in the USA, and Google may transfer the personal data collected through this process to third parties.

Data subjects may prevent our website from placing a cookie at any time by configuring their web browser accordingly and/or permanently disabling the placement of cookies. If data subjects configure their web browser in such a way, Google will not be able to place a conversion cookie on their IT system. Data subjects can use their web browser or another piece of software to delete any cookies placed by Google Ads on their IT system at any time.

Furthermore, data subjects may object to the use of relevant ads by Google. Data subjects can do this by opening the link www.google.de/settings/ads from every web browser they use and setting their desired configuration.

More information and Google’s privacy policy can be found at https://policies.google.com/privacy?hl=de&gl=de.

7.2.3 Google Remarketing

We use Google remarketing on our website. Google remarketing is a function of Google AdWords that lets us show advertising to Internet users who have previously visited our website. The integration of this service lets us tailor our advertising to users by showing them relevant advertisements.

Google remarketing is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We use Google remarketing to display relevant advertisements. This tool lets us tailor our advertising to the interests of each user and display this through the Google Network or on other websites.

Google remarketing places a cookie on the data subject’s IT system. The placement of cookies allows Google to identify visitors to our website when they access other websites in the Google Network.

Every time data subjects visit a website that uses Google remarketing, their web browser is automatically identified by Google. Google receives personal data as part of this process, such as the user’s IP address and browsing behaviour (i.e. the websites visited by the data subject). This personal data is used by Google to display relevant advertising and to perform other functions.

Each time our web pages are visited, personal data (including the IP address of the data subject’s Internet connection) is transferred to Google in the USA. This personal data is then stored by Google in the USA, and Google may transfer the personal data collected through this process to third parties.

Data subjects may prevent our website from placing a cookie at any time by configuring their web browser accordingly and/or permanently disabling the placement of cookies. If data subjects configure their web browser in such a way, Google will not be able to place a cookie on their IT system. Data subjects can use their web browser or another piece of software to delete any cookies placed by Google on their IT system at any time.

More information and Google’s privacy policy can be found at https://policies.google.com/privacy?hl=de&gl=de.

7.3 Analytical Tools

7.3.1 Google Analytics (with Anonymisation Function)

We use Google Analytics (with anonymisation function) as a web analytics service on our website. Web analytics is the collection, reporting and analysis of data concerning user behaviour on websites. This service is used to record the website from which a data subject has accessed our website (referrer URL), the sub-pages accessed on our website, and how often and for how long a particular sub-page has been displayed. Web analytics is mainly used to improve our website and perform cost-benefit analysis for our web-based advertising.

Google Analytics components are operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

We use the "_gat._anonymizeIp” extension when performing web analytics with Google Analytics.

Whenever our website is accessed from a Member State of the European Union or the European Economic Area, Google uses this extension to truncate and anonymise the IP address of the data subject’s Internet connection.

We use Google Analytics to analyse user behaviour on our website. Google uses the data collected to analyse the use of our website, which allows it to compile reports for us on the activities on our web pages and to provide other services related to the use of our website.

Google Analytics places a cookie on the data subject’s IT system. The placement of cookies allows Google to analyse the use of our website.

Every time a part of our website with an integrated Google Analytics tool is accessed, the data subject’s web browser automatically sends data to Google for web analytics. Google receives personal data during this process, such as the user’s IP address. Google uses this information to track clicks and the origin of visitors, and to subsequently enable the settlement of commission.

The cookie is used to store personal data, such as the access time, the location from where the page was accessed, and the amount of times a data subject has accessed our website. Each time our web pages are visited, personal data (including the IP address of the data subject’s Internet connection) is transferred to Google in the USA. This personal data is then stored by Google in the USA, and Google may transfer the personal data collected through this process to third parties.

Data subjects may prevent our website from placing a cookie at any time by configuring their web browser accordingly and/or permanently disabling the placement of cookies. If data subjects configure their web browser in such a way, Google will not be able to place a cookie on their IT system. Data subjects can use their web browser or another piece of software to delete any cookies placed by Google Analytics on their IT system at any time.

Data subjects may also object to and prevent the collection of data generated by Google Analytics on the use of our website and the processing of this data by Google.

Data subjects can do this by downloading and installing an add-on for their web browser from the following site: https://tools.google.com/dlpage/gaoptout. This add-on informs Google Analytics that it must not transmit any information on visits to websites that use Google Analytics. The installation of this add-on is seen by Google as an objection. If the data subject’s IT system is reinstalled, the data subject will need to reinstall the add-on to disable Google Analytics. If the browser add-on is ever uninstalled or disabled, it can be reinstalled or reactivated.

More information and Google’s privacy policy can be found at https://policies.google.com/privacy?hl=de&gl=de and http://www.google.com/analytics/terms/de.html.

7.4 Social Media

7.4.1 Facebook

We use Facebook components on our website. Facebook is one of the social networks - also called social media.

A social network is an internet-based community whose users can usually exchange information and interact with each other in a virtual setting.

It serves as a platform for exchanging news, views and opinions and enables the online community to provide personal or company-related information. In Facebook, users can, among other things, create profiles of themselves, upload photos and network through virtual friendships.

Every time data subjects visit a page on our website with an integrated Facebook plug-in, their web browser will automatically download a visualisation of the corresponding Facebook video from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. This process allows Facebook to discover which sub-page on our website has been visited by a data subject.

If a data subject is logged in to Facebook while using our website, Facebook will identify which specific sub-pages have been visited during the entire visit to our website. This data is collected by the Facebook plug-in and matched by Facebook to the user's specific Facebook account. If the data subject clicks on a Facebook button attached to our website (e.g. "Like") or if the data subject comments on a post, Facebook assigns this information to the specific Facebook user account of the data subject and stores this personal data.

Whenever the data subject is logged into Facebook at the time of accessing our website, Facebook receives the information that the data subject has visited our website via the Facebook plugin. This will even happen if the data subject does not click on the Facebook plug-in.

Data subjects may prevent this information from being submitted to Facebook by signing out of their Facebook account before visiting our website.

7.4.2 YouTube

We use YouTube videos on our website. YouTube is a platform used to post and view videos for free. It is also possible to leave comments and rate videos.

YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Every time data subjects visit a page on our website with an integrated YouTube plug-in, their web browser will automatically download a visualisation of the corresponding YouTube video from YouTube. For more information, see https://www.youtube.com/yt/about/de/. This process allows YouTube to discover which sub-page on our website has been visited by a data subject.

If a data subject is logged in to YouTube while using our website, YouTube will identify which specific sub-pages have been visited during the entire visit to our website. This data is collected by the YouTube plug-in and matched to the user’s own YouTube account.

If a data subject clicks on a YouTube button on our website, YouTube will save this personal data and match it to the data subject’s personal YouTube user account.

If a data subject is logged in to YouTube when accessing our website, YouTube will be informed that the data subject has visited our website containing a YouTube video. This will even happen if the data subject does not click on the YouTube video. Data subjects may prevent this information from being submitted to YouTube by signing out of their YouTube account before visiting our website.

Google has published a privacy policy at https://www.youtube.de/t/privacy, which provides information on the collection, processing and use of personal data by Google and YouTube.

7.5 Other services

7.5.1 Getty Images

We use Getty Images components on our website. Getty Images is an American photo agency that markets, among other things, photographs, illustrations and film material.

Getty Images components are operated by Getty Images International, 1st Floor, The Herbert Building, The Park, Carrickmines, Dublin 18, Ireland.

Getty Images permits the integration of content stored outside our website, e.g. video or image data. To display this external content, it is loaded from outside when our website is called up. In the process, the IP address, browser type and language, as well as the time of the call of the data subject visiting our website are transmitted to Getty Images.

More information and the Getty Images privacy policy can be found at http://www.gettyimages.de/enterprise/privacy-policy.

7.5.2 Google Maps

We have integrated Google Maps components on our website. The purpose of the component is to show the data subject our location in an interactive map and to give him or her the option of having route suggestions for reaching our location displayed.

Google Maps is operated by Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

By calling up the component, Google receives information that you have called up the respective sub-page of our website. This takes place regardless of whether you are logged into your Google account or not or do not have a Google account at all. If you are logged into your Google account, this data is directly assigned to your Google account. If you do not want this allocation to take place, you must log out of your Google account before clicking on the Google Maps component.

In any case, Google collects data to create usage profiles, e.g. to create advertisements about our website. If you do not want Google to process data about you, you must deactivate JavaScript in your browser settings. Our website may then only be usable to a limited extent.

For more information and the possibility to view and change the data protection settings, please refer to Google's privacy policy: http://www.google.com/privacypolicy.html

7.6 Payment methods

7.6.1 Klarna (purchase on account, hire purchase, instant transfer)

On our website, components of Klarna are integrated, an online payment service provider which, among other things, enables purchase on account. In addition, Klarna offers services such as buyer protection or identity or creditworthiness checks.

Klarna is operated by Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden.

If the data subject selects Klarna as a payment option during the ordering process, data relating to the data subject is automatically sent to Klarna. By selecting Klarna as a payment option, the data subject consents to this data transmission.

The personal data transmitted to Klarna are usually first name, last name, address, date of birth, gender, email address, IP address, telephone number, mobile phone number and data on the desired order. Among other things, there may be a mutual exchange of payment information (e.g. bank details, credit card details), data on goods and services, prices, details of past purchases or other information on the financial situation of the data subject.

The purpose of the transfer of data is in particular identity verification, payment administration and fraud prevention. Personal data is transferred to Klarna in particular if there is a legitimate interest for the transfer. The personal data exchanged between Klarna and us will be transmitted by Klarna to credit agencies. The purpose of this transmission is to check identity and creditworthiness.

Klarna shares personal data with other companies of the Klarna Group insofar as this is necessary to fulfil contractual obligations or the data is to be processed on behalf of Klarna.

In order to decide on the implementation of a contractual relationship, Klarna collects and uses data and information about the past payment behaviour of the data subject as well as probability values for their behaviour in the future (so-called scoring).

The data subject has the option to revoke the consent to the handling of personal data at any time vis-à-vis Klarna. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.

The applicable privacy policy of Klarna can be found at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/de_de/privacy.

7.6.2 PayPal

We use components of PayPal, an internet-based payment service provider, on our website. Payment transactions are processed between PayPal accounts (=virtual private or business accounts). There is no account number in the classic form (IBAN), rather the email address given serves as a feature. With PayPal, payments can be received or transmitted to third parties; furthermore, PayPal assumes trustee functions (for example, for buyer protection).

The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.

By selecting the PayPal payment option during the ordering process in our online shop, the data subject consents to the necessary transmission of personal data. Data of the data subject is automatically transmitted to PayPal - usually first name, last name, address, email address, IP address, telephone number, mobile phone number or other data required for payment processing.

The transmission of the data pursues the purpose of payment processing and fraud prevention and therefore represents a legitimate interest for us. The exchanged personal data of the data subject may be transmitted by PayPal to credit agencies for the purpose of checking identity and creditworthiness. Insofar as this is necessary for the fulfilment of contractual obligations or the data is to be processed on behalf of PayPal, PayPal may also pass on the personal data to affiliated companies, service providers or subcontractors.

The consent to the handling of personal data may be revoked by the data subject vis-à-vis PayPal at any time. However, this revocation does not affect personal data that must be processed, used or transmitted for payment processing.

At https://www.paypal.com/de/webapps/mpp/ua/privacy-full, PayPal publishes a data policy that provides information on the collection, processing and use of personal data by PayPal.

7.6.3 Skrill

We have integrated Skrill components on our website. Skrill is an online payment service provider. Payments are processed via the so-called Skrill Wallet, which is a virtual electronic purse. Skrill also offers the possibility to process virtual payments via credit cards. A Skrill wallet is managed via an email address. Skrill makes it possible to trigger online payments to third parties or to receive payments.

Skrill is operated by Skrill Limited, Floor 27, 25 Canada Square, London, E14 5LQ, United Kingdom.

If the data subject selects "Skrill" as a payment option during the ordering process in our online shop, data of the data subject will be automatically transmitted to Skrill. By selecting this payment option, the data subject consents to the transmission of personal data required for payment processing.

The personal data exchanged with Skrill is the purchase amount and the email address, which are necessary for processing the payment. The purpose of the data transfer is payment processing and fraud prevention. We will also transfer other personal data to Skrill if there is a legitimate interest for the transfer. The personal data exchanged between Skrill and us may be transmitted by Skrill to credit agencies. The purpose of this transmission is to check identity and creditworthiness.

Skrill may disclose the personal data to affiliated companies and service providers or subcontractors to the extent necessary to fulfil its contractual obligations or to process the data on its behalf.

The data subject has the option to revoke the consent to the handling of personal data at any time vis-à-vis Skrill. A revocation does not affect personal data that must be processed, used or transmitted for (contractual) payment processing.

The applicable privacy policy of Skrill can be found at https://www.skrill.com/de/fusszeile/datenschutzbestimmungen/.

Gebbertstr. 125c
91058 Erlangen

+49 9131 92055 500

info@servento-boardinghouse.de