.jpg)
.jpg)
DATA POLICY
With this privacy policy, we, Skischule Top Dienten (hereinafter: "we" or "us"), inform you about the processing of your personal data (hereinafter also just "data") when you visit our website https://www.skischule-top.com and use our services. We also inform you about your rights. If you do not understand the terms we use in this privacy policy, our explanations under "Help with data protection terms" may help you. If you have any questions about data protection, you are welcome to contact us (informally) using the contact details provided below.
The person responsible for data processing is:
Skischule Top Dienten, Sonnberg 24, 5652 Dienten am Hochkönig, Austria
Tel.: +43 660 629 2667
The data protection officer is:
Lukas Wimmer, info@skischule-top.com
I. Data processing when you visit our website
II. Data processing when events take place
III. Data processing when our online presence takes place
IV. Data processing when applications are submitted
V. Routine deletion and blocking of data
VI. Your rights
VII. Help with data protection terms
VIII. Security
IX. Validity and changes to the data protection declaration
X. Your questions about data protection
I. Data processing when you visit our website
When you visit our website, we process your personal data. The purpose of this data collection and processing as well as the transfer of your data to third parties is explained to you in the scope described below.
II. Provision of our website and services
To be able to provide our website and the services provided through it, we automatically collect and process data from you during your visit to our website.
The following data is collected and processed from you to provide our website:
Date and time of your access
The address of the website you used to access us
The websites you visit on our website
Information about your internet browser (browser type and version)
The operating system of the device you use to access our website and services
Your internet service provider
For security reasons, we store this information in log files, but without your IP address, and delete it after 30 days. The data contained in the log files is stored separately from your other data.
Longer storage is only necessary in individual cases (e.g. if there is suspicion of misuse or fraud). In these cases, the respective log files are stored until the matter has been clarified and any necessary subsequent measures have been completed.
III. Integration of WIX
Our website was created with the service provider "WIX.com". Wix is a website-building platform.
Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel
Phone number: +972 (3) 545-4900
Fax: +972 (3) 546 6407
Email address: support@wix.com
Represented by the Board of Directors: https://investors.wix.com/board-of-directors
Wix.com Ltd. is a company registered in Israel.
Company registration number of the State of Israel: 513881177
VAT identification number: 513881177
Wix may store your website visitors' data in various locations. For example, your visitors' personal data may be stored in data centers in the United States of America, Ireland, South Korea, Taiwan or Israel. We may apply other jurisdictions to the extent necessary for the proper performance of our services and/or required by law.
Wix is a global company that respects the laws of the jurisdictions in territories in which it operates. The processing of User's Customer Data may take place in the territory of the European Union, Israel or a third country, territory or one or more specific sectors within that third country that the European Commission has decided to ensure an adequate level of protection (transfer based on an adequacy decision).
Important: Any transfer to a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission will be carried out following the Standard Contractual Clauses (2010/87/EU) in Annex 1 to the Wix Data Processing Agreement.
Wix implements and maintains several technical and organizational security measures to protect the data and assets of our customers and our customers' customers. Our Security Team leads the moderation and development of procedures, processes and controls that ensure the security and integrity of Wix and our users. For more information, see the detailed breakdown of Wix's security measures.
For more information on WIX's data protection, see https://support.wix.com/de/article/dsgvo-eu-datenschutz-grundverordnung-dsgvo
In order to be able to provide you with our website and the services provided through it, we use service providers who process your data provided in this privacy policy exclusively on our behalf and in accordance with our instructions (so-called data processors pursuant to Article 28 GDPR) and who have taken appropriate technical and organizational measures to protect your rights. We use the service of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, to host the website, including related services. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. There is a risk that your data will be processed in and transferred to the USA, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection corresponding to European standards. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes.
To ensure a secure level of data protection, we have concluded EU standard contractual clauses with the service provider. The legal basis for processing your data to provide our website and services is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR. We have a legitimate interest in processing your data so that we can offer you our website and the services provided through it in a technically flawless, secure and optimized manner for your needs. The data in the server log files is stored separately from other data.
Use of cookies and similar technologies
When you visit our website, we also collect and use data from you so that you can use our website and services more conveniently and to measure and improve the effectiveness of our marketing measures. Cookies that are not absolutely necessary are only set with the user's consent following Article 6 Paragraph 1 Sentence 1 Letter a) GDPR. We also use so-called cookies and cookie-like technologies such as pixel tags (i.e. small transparent graphics, also known as web beacons). Cookies are small text files that are stored on your device via your Internet browser. More details on the term and functionality of cookies and other data protection and technical terms can be found here.
We use a consent manager ("cookie banner") from Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich. As part of consent management, we offer you the option of deciding on the setting of cookies in the area of our offering according to your specifications. All information about the individual cookies, in particular their provider and intended use, the storage period, the assignment to the selectable categories (required, statistics and marketing) and legal basis can be found in this data protection declaration and in the "cookie banner".
You have the option of changing the decision made there at any time and subsequently granting or withdrawing your consent. You can access the setting options here. You can find more information about Usercentrics in the data protection declaration at https://usercentrics.com/de/datenschutzerklaerung/.
You can find out more about the use of cookies in this data protection declaration in the section related to the use of cookies. You can also find further information about cookies and the individual providers on the websites http://www.meine-cookies.org and http://www.youronlinechoices.com.
III. Contacting us (particularly when using forms)
You have the option of contacting us in various ways. When you contact us by email or via a contact form, the data you provide (your email address, possibly your name and your telephone number) will be stored by us in order to answer your questions and process your concerns. The legal basis in this respect is Art. 6 Paragraph 1 Clause 1 Letter f) of GDPR. Our legitimate interest lies in establishing and maintaining a customer relationship. If we request input via our contact form that is not required to make contact, we have always marked this as optional. This information is used by us to specify your request and to improve the processing of your request. This information is provided on an expressly voluntary basis and with your consent, Art. 6 Paragraph 1 Clause 1 Letter a) GDPR. If this involves information on communication channels (e.g. email address, telephone number), you also consent to us contacting you via this communication channel if necessary to answer your request. You can of course revoke this consent at any time for the future.
Something different only applies if the content of your contact is used directly to carry out a contractual relationship between us. In these cases, we base the processing of your data on Article 6 Paragraph 1 Clause 1 Letter b) GDPR.
Your data stored in connection with the contact will be deleted as soon as it is no longer required and as long as it is not subject to any statutory retention periods. The check as to whether storage is necessary is carried out at least once a year.
IV. Use of anti-spam service
We use reCaptcha v2 on our websites. reCaptcha is an offer from Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
ReCaptcha is used to prevent improper automated entries in web forms and thus to protect the hoster's technical systems.
When you visit one of our websites in which reCaptcha is integrated, a connection is established to Google's servers. A reCaptcha cookie is set. Your IP address is transmitted to Google.
In addition, reCaptcha uses "fingerprinting" to record the following data:
- browser plug-ins used
- cookies set by Google in the last 6 months
- number of mouse clicks and touches you have made on this screen
- CSS information for the page you have called up
- Javascript objects
- the date
- the browser language
You can prevent the storage of cookies and fingerprinting by selecting the appropriate technical settings in your browser software; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
There is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection corresponding to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent by Article 49 paragraph 1 sentence 1 letter a) GDPR. This can be revoked at any time with effect in the future.
V. Integration of third-party content
We have integrated third-party content in some places on our website. These include videos, map services, images or fonts. In connection with the integration of this content, it is technically necessary that we inform the third parties offering it of your IP address so that they can show you the content. We do not store your IP address for the purpose of integrating third-party content. The third-party providers may use your IP address, the use of cookies, and other technologies (e.g. pixel tags, i.e. invisible graphics) to track your surfing behavior and, in addition to your IP address, process other technical information (including browser type/version, operating system used, the page you previously visited, the host name of the accessing device and the time, as well as other information on the use of our online offer).
A more detailed description of who we embed content from and how your data is processed can be found below in the respective description of the embedded content.
These plugins normally collect data from you by default and transmit it to the servers of the respective provider. To ensure the protection of your privacy, we have taken technical measures to ensure that your data cannot be collected by the providers of the respective plugin without your consent. When you visit a page on which the plugins are integrated, they are initially deactivated unless you have given your consent within the Consent Manager ("Cookie Banner"). If you have not given your consent, the plugin will only be activated when you click on the respective symbol. You thereby give your consent for your data to be transferred to the respective provider. The legal basis for the use of the plugins is Art. 6 Para. 1 lit. a) GDPR.
1. Google Maps Plug-In
This site uses the Google Maps map service. Google Maps is a map service provided by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
To use the functions of Google Maps, information, including the IP address and the address entered as part of the route function, may be transferred to the provider's servers. This information is usually transferred to a Google server in the USA and stored there. When you visit a website that contains Google Maps, your browser establishes a direct connection to Google's servers, whereby the map content is sent to your browser and integrated by it. We have no influence on this data transfer. According to current knowledge, this includes the following data:
- Date and time of the visit to the website in question,
- Internet address or URL of the website accessed,
- IP address, (starting) address entered as part of route planning
Google Maps is used in the interest of an attractive presentation of our online offers and to make the locations we specify on the website easy to find. If you do not want Google to process data via this service, you can deactivate the use of JavaScript in your browser settings. Please note that in this case the interactive map function of Google Maps cannot be used.
If you have not given your consent as part of the Consent Manager, you have the option of giving it subsequently as part of the so-called "2-click process". When you visit a page in which Google Maps is embedded, a connection to the Google servers is only established when you click on the button to confirm. In this case, Google will set cookies and use your visit data for its own purposes. If you are logged in to Google at this time, the information about the videos you watch will be assigned to your Google member account. You can prevent this by logging out of your member account before visiting our website.
There is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection corresponding to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 paragraph 1 sentence 1 letter a) GDPR. This can be revoked at any time with effect in the future.
You can find more information about how user data is handled in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.
The legal basis for this data processing is your consent in accordance with Art. 6 Para. 1 Clause 1 Letter a) GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings here and changing your selection there.
2. Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
Google Web Fonts are used in the interest of a uniform and attractive presentation of our online offers with regard to efficiency and cost-saving considerations. This represents a legitimate interest within the meaning of Art. 6 Para. 1 Letter f) GDPR. If your browser does not support web fonts, a standard font from your computer will be used.
You can find more information about Google Web Fonts in Google's privacy policy: https://www.google.com/policies/privacy/.
VI. Booking our services
For our services, you have the option of booking e-bike tours and reserving e-bikes. The following data collected is used to carry out the respective service: title, first name, last name, email, telephone number, body size and e-bike selection.
The legal basis for this data processing is Article 6 paragraph 1 sentence 1 letter b) GDPR.
VII. Use for analysis purposes
If you consent, we process data when you visit our website using the tools listed below in order to be able to understand the behavior of visitors to our website, optimize our website and adapt it to the interests of visitors. The legal basis for this is your consent in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR.
1. Google Analytics (with anonymization function)
On this website we use the web analysis service Google Analytics (with anonymization function) of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The purpose of the Google Analytics component is to analyze the use of our website by visitors. As our processor, Google provides us with reports in accordance with Article 28 GDPR, with which we can display and evaluate the activities on our websites. A Google Analytics cookie is stored on the device you use to visit our website. When you access individual pages of this website, the Google Analytics component automatically causes the Internet browser on your device to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google receives information about your personal data, in particular information about the browser type/version, operating system used, the page you previously visited, the host name of the accessing device, IP address and the time of the request, which Google uses, among other things, to track the origin of visitors and clicks. However, this data is not merged with other data about you. In addition, we use the function whereby the IP address of your internet connection is automatically shortened by Google and thus anonymized if you access our website from a member state of the European Union or from another contracting state to the Agreement on the European Economic Area.
There is a risk that your data will be processed in and transferred to the USA, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection corresponding to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 Paragraph 1 Sentence 1 Letter a) GDPR. This can be revoked at any time with effect for the future. To ensure a secure level of data protection, we have also concluded EU standard contractual clauses with the service provider.
You can find further information and Google's applicable data protection regulations at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link: https://www.google.com/intl/de_de/analytics/
We have configured Google Analytics so that the data underlying the reports is deleted after 26 months at the latest.
The legal basis for this data processing is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) of GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings here and changing your selection there.
VIII. Use for marketing purposes
If you give your consent, we collect and process data on our website using the tools listed below in order to be able to show you more suitable advertising on this and other websites (re-marketing/re-targeting) and to measure the success of our advertising measures. We work with providers who help us in particular to understand whether users come to us via certain advertising measures (so-called conversion tracking). In this context, pseudonymized user profiles are also created. The legal basis for this is your consent in accordance with Article 6 Paragraph 1 Sentence 1 Letter a of the GDPR.
Google Marketing Services
We use marketing services from Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA on these websites. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
The services used include:
AdWords: Using the Google AdWords service allows us to carry out conversion tracking, i.e. it is possible to determine whether you have reached our website via a Google ad. We are not able to identify you on this basis. Only statistics are created.
Google Re-Marketing: Using Google's re-marketing function allows us to show the user interest-based advertisements within the Google advertising network that relate to content that the user has previously accessed on our website. This can also be done across devices.
Google Snydication: This is a domain owned by Google that is used to store and load ad content and other resources related to ads for Google AdSense and DoubleClick from the Google CDN.
The legal basis for this data processing is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) of GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings here and changing your selection there.
Google Tag Manager: The use of the Google Tag Manager service only enables us to integrate the services listed by implementing the other cookies/tags and the integration of the Consent Manager ("cookie banner"). The legal basis for the processing is our legitimate interest in accordance with Art. 6 Paragraph 1 Clause 1 Letter f) GDPR, which lies in optimizing our site and complying with the provisions of the GDPR through a Consent Manager.
As part of the services mentioned, Google uses cookies and cookie-like technologies such as pixel tags (i.e. small transparent graphics, also known as web beacons) and processes your personal data, in particular information about the browser type/version, operating system used, the page you previously visited, the host name of the accessing device, IP address and the time of the request as well as offers, search terms and content in which you were interested. This data is transferred to Google. Usage profiles are created on a pseudonymized basis. This means that we cannot identify you on this basis. You can find more information on this at https://policies.google.com/technologies/types
The cookies are automatically deleted after 30 days. You can object to or adjust the use of interest-based advertising here: https://www.google.com/ads/preferences/?hl=de
There is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection there that corresponds to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 paragraph 1 sentence 1 letter a) GDPR. This can be revoked at any time with effect for the future. To ensure a secure level of data protection, we have also concluded EU standard contractual clauses with the service provider.
You can find further information and Google's applicable data protection regulations at https://policies.google.com/privacy. The functionality of the Google Marketing services is explained in more detail at this link: https://policies.google.com/technologies/ads
Facebook Pixel / Facebook Custom Audiences
As part of usage-based online advertising, we use the Custom Audiences service from Meta Platforms, Inc. (1601 S. California Avenue, Palo Alto, CA 94304, USA). For this purpose, we use the Facebook Ads Manager to define target groups of users based on certain characteristics, who are then shown advertisements within the Facebook network. Users are selected by Facebook based on the profile information they provide and other data provided through the use of Facebook. If a user clicks on an advertisement and then goes to our website, Facebook receives the information that the user has clicked on the advertising banner via the Facebook pixel integrated on our website. In principle, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which is transmitted to Facebook for analysis and marketing purposes. A Facebook cookie is set. This collects information about your activities on our website (e.g. surfing behavior, subpages visited, etc.). Your IP address is also stored and used to geographically target advertising. We do not use Facebook Custom Audiences via the customer list, nor the "extended matching" function. The data is deleted after 720 days at the latest.
There is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection there that corresponds to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 paragraph 1 sentence 1 letter a) GDPR. This can be revoked at any time with effect for the future.
You can find Facebook's privacy policy here: https://www.facebook.com/policy.php - You can object to the collection by the Facebook pixel and use of your data here: https://www.facebook.com/settings?tab=ads.
The legal basis for this data processing is your consent in accordance with Art.6 Paragraph 1 Clause 1 Letter a) of GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings here and changing your selection there.
VIIII. Use of social plugins
We use so-called "social plugins" from various social networks (hereinafter: "plugin providers") on our website. A social network is a social meeting place operated on the Internet that enables users to communicate with each other and interact in virtual space. In order to protect your privacy, we have taken technical measures to ensure that your data cannot be collected by the providers of the respective plugin/tool without your consent.
These plugins normally collect data from you by default and transmit it to the servers of the respective provider. In order to protect your privacy, we have taken technical measures to ensure that your data cannot be collected by the providers of the respective plugin without your consent. When you visit a page on which the plugins are integrated, they are initially deactivated unless you have given your consent within the Consent Manager ("Cookie Banner"). If you have not given your consent, the plugin will only be activated by clicking on the respective symbol. You thereby give your consent for your data to be transferred to the respective provider. The legal basis for the use of the plugins is Art. 6 Paragraph 1 Letter a) GDPR.
After activation, the plugins/tools also record personal data such as your IP address and send it to the servers of the respective provider, where it is stored. In addition, activated social plugins/tools set a cookie with a unique identifier when you access the relevant website. This also allows the providers to create profiles of your usage behavior. This also happens if you are not a member of the social network of the respective provider. If you are a member of the provider's social network and are logged into the social network during your visit to this website, your data and information about your visit to this website can be linked to your profile on the social network. We have no influence on the exact extent of the data collected from you by the respective provider.
For more information about the scope, type and purpose of data processing and about rights and setting options for protecting your privacy, please refer to the data protection information of the respective provider of the social network. These can be accessed at the following addresses:
1. Facebook
The social plugins of the social network Facebook are operated by Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com), and Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de) ("Facebook"). An overview of Facebook plugins can be found here: http://developers.facebook.com/docs/plugins; Information on data protection at Facebook can be found here: www.facebook.com/policy.php
If you have not given your consent as part of the Consent Manager, you have the option of giving it subsequently as part of the so-called "2-click process". When you visit a page in which Facebook is embedded, a connection to the Facebook servers is only established when you click on the "Confirm" button. In this case, Facebook will set cookies and use your visit data for its own purposes. If you are logged into Facebook at this time, the information about the videos you watch will be assigned to your Facebook member account. You can prevent this by logging out of your member account before visiting our website.
there is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection there that corresponds to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 Paragraph 1 Sentence 1 Letter a) GDPR. This can be revoked at any time with effect for the future.
If you would like to object to the collection of data by Facebook for the future, you can do so here: https://www.facebook.com/settings?tab=ads. The legal basis for this data processing is your consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings here and changing your selection there.
2. Instagram
Instagram plugins are operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). You can find more information about this in Instagram's privacy policy (https://help.instaqram.com/15583370790Q388).
If you have not given your consent as part of the Consent Manager, you have the option of giving it subsequently as part of the so-called "2-click process". When you visit a page in which Instagram is embedded, a connection to the Instagram servers is only established when you click on the "Confirm" button. In this case, Instagram will set cookies and use your visit data for its own purposes. If you are logged into Instagram at this time, the information about the videos you watch will be assigned to your Instagram member account. You can prevent this by logging out of your member account before visiting our website.
There is a risk that your data will be processed in the USA and transferred there, i.e. a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequacy decision by the EU Commission for this country that guarantees that there is a level of data protection corresponding to the European standard. According to the European Court of Justice (ECJ), there is a particular risk that data will be processed unnoticed by US authorities for surveillance purposes. The legal basis for the processing of your data is your consent in accordance with Article 49 paragraph 1 sentence 1 letter a) GDPR. This can be revoked at any time with effect for the future.
Information on data protection at Instagram can be found here: https://help.instagram.com/155833707900388/
The legal basis for this data processing is your consent in accordance with Art.6 paragraph 1 sentence 1 letter a) GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings here and changing your selection there.
X. Data processing in the context of our online presences
In addition to the website, we are also represented on online platforms and social networks. If you visit these online presences and communicate with us about them, the terms and conditions and data protection guidelines (see below) and this data protection declaration apply. In this respect, we may be jointly responsible with the provider for data protection in accordance with Article 26 GDPR.
Your data may be processed for analysis and advertising purposes. This is done, for example, by creating user profiles from your usage behavior and the interests resulting from it. Cookies are usually used to save the user profiles, which make it possible to analyze your usage behavior and interests. The user profiles are generally used to enable the respective provider or elsewhere on the Internet to display advertisements that correspond to your interests. In addition, other data may also be stored in addition to the user profiles, especially if you are a registered user of the respective provider's platform and are logged in to it. For a detailed description of the processing of the respective providers and the consent (opt-in), we refer to the information provided by the providers linked below.
If you visit our online presence and communicate via these online presences, the data processing that takes place is based on your consent (Article 6 paragraph 1 sentence 1 letter a) GDPR) if you have given it. Your consent can be revoked at any time (see V. Your rights / 5. Right of revocation for consents). Otherwise, data processing, in particular communication with us, is based on legitimate interests (Article 6 paragraph 1 sentence 1 letter f) GDPR. In this respect, our interest is to be able to offer you an online presence that is as informative, tailored to you and appealing as possible.
We will delete your data (in particular the content of our communication) as soon as it is no longer required for the respective purpose and to the extent that this is possible for us. You have the rights vis-à-vis us and the provider listed under "Your rights" (see below). Since access to your data is sometimes only possible for the respective provider, you should also assert your rights against them.
Facebook: https://www.facebook.com/top.dienten
Instagram: https://www.instagram.com/skischuletopdienten/
Instagam: https://www.instagram.com/skischuletopdienten/
If you communicate with us via these online presences, we process the data in your messages and posts, depending on the content they contain and the purposes pursued with the communication, either on the basis of Article 6 Paragraph 1 Sentence 1 Letter b) GDPR or Article 6 Paragraph 1 Sentence 1 Letter f) GDPR. Your data will be deleted, as far as the online presence allows, as soon as it is no longer required for the respective purpose.
Facebook
Facebook (Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com) and Meta Platforms Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de)) enables us to receive your anonymized data on so-called fan pages using the Facebook Insight function, which is available as an indispensable part of the user relationship. This data is collected using cookies, each of which contains a unique user code. The user code can be linked to your Facebook login data if you are registered with Facebook and is collected and processed when you access the fan page. Facebook provides more information on this at the following link: http://de-de.facebook.com/help/pages/insights.
How Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties is not conclusively and clearly stated by Facebook and is not known to us. When you access a Facebook page, the IP address assigned to your device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for "German" IP addresses).
Facebook also stores information about the devices of its users (e.g. as part of the "login notification" function); this may enable Facebook to assign IP addresses to individual users. If you are currently logged in to Facebook as a user, there is a cookie with your Facebook ID on your device. This enables Facebook to track that you visited this page and how you used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites enable Facebook to record your visits to these websites and assign them to your Facebook profile. This data can be used to offer content or advertising tailored to you. If you want to make it more difficult for Facebook to track you, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies on your device and close and restart your browser. This deletes Facebook information that can be used to identify you directly. This allows you to use our Facebook page without Facebook being able to identify you via your cookies.
When you access interactive functions on the page (like, comment, share, messages, etc.), a Facebook login screen appears. After logging in, you can be recognized directly by Facebook as a specific user.
Information on how to manage or delete information about you can be found on the following Facebook support pages: https://de-de.facebook.com/about/privacy#.
As the provider of the information service, we also collect and process the following data from your use of our service:
DataPurpose of useLegal basis
User interactions (postings, likes, etc.)User communicationArt. 6 Para. 1 lit. f GDPR
Facebook cookies*Target group advertisingArt. 6 Para. 1 lit. a GDPR
Demographic data (e.g. based on age, place of residence, language or gender information)Target group advertisingArt. 6 Para. 1 lit. f GDPR
Statistical data on user interactions in aggregated form, i.e. without personal reference for us (e.g. page activities, page views, page previews, likes, recommendations, posts, videos, page subscriptions including origin, times of day)Target group advertisingArt. 6 para. 1 lit. f GDPR
Instagram
Information on data protection at Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA) and an option to object can be found here: http://instagram.com/about/legal/privacy/
XI. Routine deletion and blocking of data
We generally only store your data for the period necessary to achieve the storage purpose or if this is specified by the European directive and regulatory authority or another legislator in laws or regulations to which we are subject. In Germany, there is a particular obligation to store data for 6 years per Section 257 Paragraph 1 of the German Commercial Code (in particular commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, and accounting documents). According to Section 147 Paragraph 1, 3 of the German Fiscal Code, 10 years for books, records, management reports, accounting documents, and documents relevant to taxation and 6 years in particular for commercial and business letters. If the storage purpose no longer applies or a legally prescribed storage period expires, your personal data will be blocked or deleted routinely and following the statutory provisions. Please also note the specific information on individual storage and deletion periods in this data protection declaration.
XII. Your rights
As a person affected by data processing (Article 4 No. 1 GDPR), you have numerous rights with regard to us, which we would like to inform you about below. You can also find details in Articles 15 to 21 of the GDPR and Sections 32 to 37 of the BDSG (in the version applicable from May 25, 2018).
To assert your rights, please contact the following address (informally if you like):
Email: info@bike-muehlbach.com
1. Right to information
You have the right to receive information from us about whether and which data we process about you. This includes, among other things, information about how long and for what purpose we process the data, where it comes from and to which recipients or categories of recipients we pass it on. You can also receive a copy of this data from us.
2. Right to rectification
You have the right to have us rectify any information about you that is incorrect or no longer correct immediately. You can also request that your incomplete personal data be completed. If this is required by law, we will also inform third parties of this correction if we have passed your data on to them.
3. Right to erasure (“right to be forgotten”)
You have the right to request that we immediately erase your personal data if one of the following reasons applies:
Your data is no longer necessary for the purposes for which it was collected or otherwise processed, or the purpose has been achieved;
You withdraw your consent and there is no other legal basis for the processing;
You object to the processing and there are no overriding legitimate reasons for the processing; if personal data is used for direct marketing purposes, a sole objection to the processing on your part is sufficient;
Your personal data has been processed unlawfully;
The erasure of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which we are subject.
Please note that your right to erasure may be restricted by legal provisions. These include in particular the restrictions listed in Article 17 GDPR and Section 35 of the Federal Data Protection Act (in the version applicable from May 25, 2018).
4. Right to restriction of processing (blocking)
You have the right to request that we restrict the processing of your personal data if one of the following conditions is met:
You contest the accuracy of your personal data for a period that enables us to verify the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead request that the use of your personal data be restricted;
we no longer need your personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims, or
You have objected to the processing as long as it has not yet been determined whether our legitimate reasons outweigh yours.
If you have obtained a restriction on processing in accordance with the above list, we will inform you before the restriction is lifted.
5. Right of revocation for consents
You can revoke your consent given to us at any time with effect for the future. This revocation can be made in the form of an informal message to the contact addresses mentioned above. This also applies to consents that you gave us before the GDPR came into force (i.e. before May 25, 2018). If you revoke your consent, this will not affect the legality of the data processing that has taken place up to that point. The consequence of a revocation is usually that you can no longer use our service for which we asked for your consent, or can no longer use it to its full extent.
6. Right to data portability
You have the right to receive personal data concerning you that you have made available to us in a structured, common and machine-readable format and to transmit this data to others. Details and restrictions can be found in Article 20 of the GDPR. The exercise of this right does not affect your right to deletion.
7. Right to complain to the supervisory authority
If you believe that the processing of your data by us violates applicable data protection law, you have the right to complain to one of the competent supervisory authorities, i.e. in particular the Hamburg Commissioner for Data Protection and Freedom of Information or the respective supervisory authority in the member state of your residence, your place of work or the place of the alleged data protection violation.
8. Right of objection under Article 21 GDPR
In particular, according to Article 21 GDPR, you have the right to object to the processing of your data at any time for reasons arising from your particular situation if we base this processing on legitimate interests in accordance with Article 6 paragraph 1 sentence 1 letter f) GDPR. If you object, we will no longer process your personal data, except in two cases:
· we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or
· the processing serves to assert, exercise or defend legal claims.
In particular, if we process your personal data for direct marketing purposes (e.g. as part of our newsletter), you have the right to object at any time to the processing of your data for the purpose of such advertising. If you object to the processing of your data for direct marketing purposes, we will no longer use your personal data for this purpose.
XIII. Help with data protection terms
In this data protection declaration, we use some terms that have also been used by the legislator, in particular in the European General Data Protection Regulation (GDPR). Since it is important to us that this data protection declaration is understandable for you, we will explain some important terms in alphabetical order below:
Processor: This is a natural or legal person, authority, institution or other body that processes personal data on behalf of a controller.
Affected person: This is any identified or identifiable natural person whose personal data is processed by the controller.
Browser: This is a program for displaying websites on the Internet, for example the Mozilla Firefox or Google Chrome programs.
Cookies: These are small text files that contain a characteristic character string (cookie ID) and that are stored on your device (e.g. smartphone or computer) via an Internet browser, unless you prevent this through technical settings. Cookies enable the websites and servers you visit to distinguish your individual browser from other internet browsers. A specific internet browser can therefore be recognized and identified using the unique cookie ID. This makes it easier for you to use our website, as you only have to enter certain data once, for example. Where possible, we use cookies that are deleted when you close your browser (so-called session cookies). In addition, we also use cookies that are stored on your computer for a longer period of time (so-called persistent cookies). In addition to the option of configuring your browser so that it does not accept cookies, you can delete cookies that have already been set at any time using an internet browser or other programs. Please note, however, that not using cookies may mean that not all functions of our website or services are fully usable.
Third-party: This is a natural or legal person, public authority, agency or other body (other than the data subject), the controller, the processor and the persons who, under the direct responsibility of the controller or processor, are authorised to process the personal data.
Restriction of processing: This is a marking of stored personal data in such a way that its future processing (e.g. with regard to certain processing purposes) is restricted.
Consent: This is any expression of will given voluntarily by the data subject for the specific case in an informed and unambiguous manner in the form of a statement or other unambiguous confirmatory act by which the data subject indicates that he or she agrees to the processing of personal data concerning him or her.
Recipient: This is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, regardless of whether it is a third party or not.
IP address: This is an address that is assigned to your device (e.g. smartphone or computer) on the Internet so that your device can be addressed and reached there.
Pixel tags (web beacons): These are small, usually invisible graphics that are integrated into websites and other services in order to be able to carry out statistical evaluations, usually for marketing purposes.
Personal data: This is all information that relates to an identified or identifiable natural person (also called the "data subject"). A natural person is considered identifiable if he or she can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Profiling: This is a type of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation: This is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of further information. This is especially the case if the additional information is kept separately and technical and organizational measures have been taken to ensure that the assignment to an identified or identifiable natural person is no longer possible with reasonable effort.
Processing: This is any operation or set of operations carried out with or without the aid of automated procedures in connection with personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, erasure or destruction.
Controller or person responsible for processing: These are the natural or legal persons, authorities, institutions or other bodies that alone or jointly with others decide on the purposes and means of processing personal data.
XIV. Security
We use technical and organizational security measures to protect your personal data against misuse, loss, destruction or access by unauthorized persons. Our security measures correspond to the current state of the art.
XV. Validity and changes to the data protection declaration
The data protection declaration is currently valid and dated June 11, 2021.
Due to the further development of our website or the implementation of new technologies, it may become necessary to change this data protection declaration. We reserve the right to make appropriate changes at any time.
XVI. Your questions about data protection
If you have any questions about this data protection declaration or your rights, please contact: info@skischule-top.com