The subject matter of the data protection is personal data (hereinafter also referred to as data). Said data is all information relating to an identified or identifiable natural person. This includes information such as name, address, profession, email address, state of health, income, marital status, genetic features, telephone number and, where applicable, also user data such as the IP address.
The controller for the processing of your personal data in the context of using the website www.mosellandtouristik.de (hereinafter referred to as website) is Mosellandtouristik GmbH (hereinafter referred to as provider or controller).
The contact information is below:
Mosellandtouristik GmbH
Kordelweg 1
54470 Bernkastel-Kues
CEO: Thomas Kalff
Phone: +49 (6531) 9733 -0
Fax: +49 (6531) 9733 -33
Email: info@mosellandtouristik.de
Data Protection Officer: Steffen Wagner. The Data Protection Officer can be contacted under the email address datenschutz@mosellandtouristik.de.
Insofar as you wish to object to the processing of your data by the provider in accordance with this privacy statement overall or for individual measures, you may do so using the contact data indicated in the imprint. Please note that in the event of such an objection, the use of the website and the access to services offered via said website is, under certain circumstances, possible only in a limited manner or not possible at all.
Each time the website and its associated pages is accessed, usage data is transmitted by the respective internet browser and stored in log files (server log files).
The data sets stored in this case contain the following data:
The log files are evaluated in an anonymised manner by the provider in order to further improve the website and make it user-friendly, to find and to correct errors more quickly and to control server capacities. It can therefore, for example, be understood at what time the usage of the website is particularly popular and the provider can provide corresponding data volumes. The data collected by the provider is required in order to enable access to and use of the website. This is data that has to be collected and processed when using a telecommunications system. This processing is permitted in accordance with Art. 6 (1) (f) GDPR. The provider's legitimate interest is to provide a website with information, offer services to its customers and optimise the operation of the website. The data provision is necessary in order to access the website of the provider. Non-provision will result in the website not being accessible. Your IP address will be deleted or anonymised after usage has ended. In the case of anonymisation, the IP addresses are changed such that they can no longer be assigned or can only be assigned with disproportionately great expense of time, costs and labour to a determined or determinable or identified or identifiable natural person.
If you would like to contact the provider, please use the contact form provided. You must provide the following information in this form:
You can also optionally provide the following information:
The provider uses your data to respond to your contact enquiry and to transmit any requested information to you. The permissibility of this processing is based on Art. 6 (1) (b) GDPR, according to which the processing is legal when it is required to fulfil a contract, whose contracting party is the person affected, or to perform precontractual activities, which are carried out at the request of the person affected. The provider cannot respond to your contact request and cannot get in contact with you without the data collected by the provider. The personal data processed in the context of communication is deleted following expiry of the legal retention duties, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored. The personal data is anonymised as far as possible.
In order to obtain additional information from the provider, you can subscribe to an email newsletter. Only your email address is required for this purpose. Further information to personalise the newsletter is optional. The double opt-in process is used to send the newsletter, i.e. you only receive a newsletter by email when you have explicitly confirmed in advance that the newsletter service should be activated. Once you have activated the newsletter, you will receive a notification email with an activation link. You will only receive the newsletter after clicking on the link. You can deactivate the newsletter at any time. To do so, please contact the provider or use the unsubscribe link indicated in each newsletter. The permissibility of the data processing is based on Art. 6 (1) (a) GDPR, according to which the processing is legal when the person affected has given consent to the processing of the personal data affecting the person for one or more determined purposes. If you do not grant any consent to the processing of your data, the provider cannot send you a newsletter. The personal data processed for the purposes of sending the newsletter is deleted, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored.
In order to handle online bookings, booking requests, orders for brochures and from the online shop, we process your personal data to the extent needed to provide you with the services you’ve booked with the help of our service provider Feratel Media Technologies AG (Maria-Theresien-Straße 8, A-6020 Innsbruck). We have concluded a corresponding agreement with Feratel in accordance with Art 28 GDPR as a processor which ensures that your data will only be processed within the context of the order. More information about data protection at Feratel.
2.4.1 Online Bookings
You can book different types of accommodation on the website. You must provide the following data for such purpose:
Your data will be used for processing your booking and provided to the accommodation accordingly. The permissibility of this processing is based on Art. 6 (1) (b) GDPR, according to which the processing is legal when it is required to fulfil a contract, whose contracting party is the person affected, or to perform precontractual activities, which are carried out at the request of the person affected. The provision of your personal data is contractually prescribed. The provider cannot conclude a contract with you and cannot process your booking without the data. The personal data processed for the purposes of handling bookings and concluding contracts is deleted following expiry of the legal retention duties, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored.
You have the opportunity to rate our company, your hosts and the trip as part of your booking. For this purpose, you will once receive an email from us a few days after booking, for which we will use the email address you provided and your name. By sending the evaluation of our company you agree that we may publish your evaluation on trustyou.com and on our websites. These ratings are on a voluntary basis. If you make a rating, we would like to thank you already now, every feedback helps us to improve our service for you even more.
2.4.2 Non-binding booking enquiry
You can send a non-binding booking enquiry to the provider using a special contact form. You must provide the following data for such purpose:
Your data will be used to process the booking enquiry and to create an offer. The permissibility of this processing is based on Art. 6 (1) (b) GDPR, according to which the processing is legal when it is required to fulfil a contract, whose contracting party is the person affected, or to perform precontractual activities, which are carried out at the request of the person affected. The provider cannot respond to your request and cannot provide you with the information you want without the data. The personal data processed for the purposes of handling a non-binding booking enquiry is deleted, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored.
2.4.3 Prospectus order
You can order various prospectuses on the website. You must provide the following data for such purpose:
Your data will be used to send the prospectus that you ordered. The permissibility of this processing is based on Art. 6 (1) (b) GDPR, according to which the processing is legal when it is required to fulfil a contract, whose contracting party is the person affected, or to perform precontractual activities, which are carried out at the request of the person affected. The provision of your personal data is contractually prescribed. The provider cannot send you a prospectus without the data. The personal data processed for the purposes of sending a prospectus is deleted, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored.
2.4.4 Online shop orders
You can order books, cards, holiday gift vouchers and merchandise from our online shop. You must provide the following data for such purpose:
Your data will be used to process your booking. The data will be shared with the service providers.
Credit card / Stripe
If you choose a method of payment offered by the payment provider Stripe, the payment will be processed by Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, with whom we’ll share the information you’ve disclosed as part of the payment process (name, address, account number, sort code, any credit card number, invoice amount, currency and transaction number) according to Art. 6 (1) (b) GDPR. We’ll only share your data for the purpose of processing the payment with Stripe Payments Europe Ltd. and only to the extent that is necessary for this purpose. You can find more information on data protection at Stripe using the following link: https://stripe.com/privacy.
The legitimacy of this processing is based on Art. 6 (1) (b) GDPR, according to which the processing is legal when it is required to fulfil a contract, whose contracting party is the data subject, or to perform pre-contractual activities, which are carried out at the request of the data subject.
The provision of your personal data is contractually prescribed. The provider cannot send you any products without the data. The personal data processed for the purposes of sending a product will be deleted, insofar as the controller does not have a legitimate interest in further retention. In this case, only the data actually necessarily required for achieving the corresponding purpose continues to be stored.
The provider uses cookies. These are small data packets which usually consist of letters and numbers and are stored on a browser when you visit certain websites. Cookies allow the website to recognise your browser, to follow you when you surf through different sections of a website and to identify you when you return to the website. Cookies do not contain data that identifies you personally, but the information stored by the provider about you can be assigned to the data obtained by the cookies and stored in them. Information obtained by the provider from you through the usage of cookies can be used for the following purposes:
Cookies do not cause damage to a browser. They do not contain viruses and also do not allow the provider to spy on you. Two types of cookies are used:
Using cookies, the provider can understand your usage behaviour for the purposes mentioned above and in the corresponding scope. They are also supposed to enable optimal surfing for you on the provider’s website. This data is also collected by the provider only in anonymised form.
This processing is permitted in accordance with Art. 6 (1) (f) GDPR. The legitimate interest of the provider is the optimised presentation of the website. You can of course also view the website without cookies. If you do not want the provider to recognise your computer, you can prevent the storage of cookies on your hard disk by selecting “do not accept cookies” in your browser settings. Please refer to the instructions of your browser’s provider to get the details on how this works. In order to also delete cookies already set by your browser, please read your browser’s instructions. The data provision is necessary in order to access the website of the provider without any faults. By not accepting cookies or deleting cookies already stored on your device, the functionality of the website may be affected. Temporary cookies are deleted automatically when your browser is closed (session cookies). Permanent cookies, in contrast, have a maximum service life of up to 20 days. These types of cookies allow you to be recognised when you access the website again after leaving.
The controller responsible for processing has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analytics service. Web analysis is the collection, gathering and evaluation of data about the behaviour of website visitors. A web analytics service collects various data, including the website from which a data subject has come to a website (referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. A web analysis will be used primarily to optimise a website and for a cost-benefit analysis of internet advertising.
Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA is the operator of the Google Analytics component.
The controller responsible for processing uses the extension “_gat._anonymizeIp” for web analysis via Google Analytics. This extension is used by Google to truncate and anonymise the IP address of the internet connection of the data subject when our websites are accessed from a European Union member state or from another contracting party to the Agreement on the European Economic Area.
Your IP address is already automatically anonymised in Google Analytics by default. The purpose of the Google Analytics component is to analyse visitor traffic to our website. Google uses the data and information gathered for several purposes, including the analysis of how our website is used, the compilation of online reports for us showing the activities on our website and the provision of other services in connection with the use of our website.
Google Analytics uses artificial intelligence to predict the behaviour of individual user groups. Changing customer needs are tracked and this allows predictions to be made for future usage behaviour.
Google Analytics sets a cookie on the computer system of the data subject. It has been explained above what cookies are. By setting the cookie, Google is able to analyse how our website is used. With each access to one of the individual pages of this website, which is operated by the controller responsible for processing and on which a Google Analytics component has been integrated, the Google Analytics component in question automatically causes the web browser on the data subject’s IT system to send data to Google for the purposes of the online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which serves Google, among other things, to trace the origin of visitors and their clicks and subsequently to enable commissions to be calculated.
The cookie is used to store personal information, such as the time of access, the location from which access took place and how often the data subject visits our website. This personal data, including the IP address of the internet connection used by the data subject, is sent to Google in the United States of America each time our websites are visited. Google stores this personal data in the United States of America. Google shares this personal data that has been collected using the technical process with third parties under certain circumstances.
As already outlined above, the data subject can prevent cookies being set by our website at any time by selecting the appropriate settings on the Internet browser used and thereby permanently deny the setting of cookies. Setting the internet browser in this way would also prevent Google setting a cookie on the computer system of the data subject. In addition, a cookie that has already been set by Google Analytics can be deleted at any time via the internet browser or other software programs.
The data subject also has the option of objecting to the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google, and preventing such. To do this, the data subject must download and install a browser add-on from the link tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that data and information about website visits must not be sent to Google Analytics. Google will consider the installation of the browser add-on as an objection. If the IT system of the data subject is deleted, formatted or reinstalled at a later time, the data subject will have to reinstall the browser add-on in order to deactivate Google Analytics. If the data subject or someone else attributable to their sphere of control uninstalls or deactivates the browser add-on, it is possible to reinstall or reactivate the browser add-on.
You will find further information and Google’s applicable privacy policy at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail via this link https://www.google.com/intl/de_de/analytics/.
2.7.1 Privacy policy on the use and application of Instagram
The controller responsible for processing has integrated components of the service Instagram on this website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos, and also to disseminate such data on other social networks.
The company that operates the Instagram services is Instagram LLC, 1 Hacker Way, Building 14, First Floor, Menlo Park, CA 94025, USA.
Each time one of the individual pages of this website is accessed that is operated by the controller responsible for processing and on which an Instagram component (Insta button) has been integrated, the Instagram component in question automatically causes the web browser on the data subject’s IT system to download a representation of the corresponding component from Instagram. As part of this technical process, Instagram receives information about which specific sub-page of our website the data subject is visiting.
If the data subject is logged into Instagram at the same time, Instagram recognises which specific sub-page the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the Instagram component and assigned by Instagram to the data subject’s Instagram account in question. If the data subject clicks on one of the Instagram buttons integrated on our website, the data and information transmitted in this way will be assigned to the data subject’s personal Instagram user account and stored and processed by Instagram.
Instagram always receives information through the Instagram component that the data subject has visited our website if the data subject is logged into Instagram while accessing our website; this happens regardless of whether the data subject clicks on the Instagram component. If the data subject does not want this information to be sent to Instagram, they can prevent such transfer by logging out of their Instagram account before accessing our website.
You will find further information and Instagram’s applicable privacy policy at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
2.7.2 Privacy policy on the use and application of YouTube
The controller responsible for processing has integrated components of YouTube on this website. YouTube is an online video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows the publication of all kinds of videos, which is why complete films and television programmes, not to mention music videos, trailers or videos made by users themselves, can be accessed using the internet portal.
The service on de.youtube.com is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Each time one of the individual pages of this website is accessed that is operated by the controller responsible for processing and on which a YouTube component (YouTube video) has been integrated, the YouTube component in question automatically causes the web browser on the data subject’s IT system to download a representation of the corresponding YouTube component from YouTube. You will find further information about YouTube at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google receive information about which specific sub-page of our website the data subject is visiting.
If the data subject is logged into YouTube at the same time, YouTube recognises which specific sub-page of our website the data subject is visiting each time the data subject accesses a sub-page containing a YouTube video. This information is collected by YouTube and Google and assigned to the data subject’s YouTube account in question.
YouTube and Google always receive information through the YouTube component that the data subject has visited our website if the data subject is logged into YouTube while accessing our website; this happens regardless of whether the data subject clicks on the YouTube video. If the data subject does not want this information to be sent to YouTube and Google, they can prevent such transfer by logging out of their YouTube account before accessing our website.
The privacy policy published by YouTube, available at https://policies.google.com/privacy?hl=en, provides information about YouTube’s and Google’s collection, processing and use of personal data.
2.7.3 Privacy policy on the use and application of Facebook
The controller responsible for processing has integrated components provided by the company Facebook on this website. Facebook is a social network.
A social network is a social meeting place operated on the internet – an online community that usually allows users to communicate and interact with one another in the virtual space. A social network can serve as a platform for exchanging opinions and experiences, or enables the online community to provide personal or company-related information. Among other things, Facebook allows users of the social network to create private profiles, upload photos and network through friend requests.
The company that operates Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller responsible for personal data processing where a data subject lives outside the US or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website is accessed that is operated by the controller responsible for processing and on which a Facebook component (Facebook plugin) has been integrated, the Facebook component in question automatically causes the web browser on the data subject’s IT system to download a representation of the corresponding Facebook component from Facebook. You will find a complete overview of all the Facebook plugins at https://developers.facebook.com/docs/plugins/?locale=en_GB. As part of this technical process, Facebook receives information about which specific sub-page of our website the data subject is visiting.
If the data subject is logged into Facebook at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the data subject’s Facebook account in question. If the data subject clicks on one of the Facebook buttons integrated on our website, such as the ‘Like’ button, or if the data subject makes a comment, Facebook assigns this information to the data subject’s personal Facebook user account and stores this personal data.
Facebook always receives information through the Facebook component that the data subject has visited our website if the data subject is logged into Facebook while accessing our website; this happens regardless of whether the data subject clicks on the Facebook component. If the data subject does not want this information to be sent to Facebook, they can prevent such transfer by logging out of their Facebook account before accessing our website.
The data policy published by Facebook, available at https:/en-gb.facebook.com/about/privacy/, provides information about Facebook’s collection, processing and use of personal data. It also explains the potential settings Facebook offers to protect the data subject’s privacy. In addition, various apps are available that enable suppression of data transfer to Facebook. The data subject can use such applications to suppress data transfer to Facebook.
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's data protection declaration: https://policies.google.com/privacy?hl=de.
The controller has integrated components of the service Riddle on this website. Riddle is a software for designing online surveys or online quizzes.
The operating company of the riddle.com services is Riddle Technologies AG, Lenaustr. 1, 66125 Saarbrücken, Germany.
Riddle is integrated into our website as a so-called iFrame. We have no influence on the data processing processes that take place via the iFrame and during participation in the quiz. When using the Riddle components (e.g. quizzes, surveys), Riddle only processes aggregated data. In the event that data is requested from you in our quizzes or competitions via e.g. forms, this data is processed in our web space at Riddle. Riddle itself has no access to this. Riddle uses cookies to collect information about the use of the quiz and surveys.
Further information and Riddle's applicable privacy policy can be found at https://www.riddle.com/legal/privacy.
The provider will grant access to you upon requesting whether they process data affecting you. The provider will endeavour to process your enquiries for access quickly.
You have the right to demand that the controller immediately corrects any inaccurate personal data concerning yourself.
You have the right to request the provider to immediately delete personal data affecting you and the provider is obliged to immediately delete personal data, insofar as one of the following reasons mentioned in Art. 17 (1) (a) - (f) GDPR applies:
You have the right to require the operator to restrict the processing, if one of the following conditions under Art. 18 (1) (a) - (d) GDPR is fulfilled.
You have the right to, at any time, lodge an objection to the processing of personal data affecting you which is carried out based on Art. 6 (1) (e) or (f) GDPR for reasons arising from your particular situation; this also applies to profiling supported by these provisions. The provider will not process your personal data any more, unless the provider can prove compelling legitimate reasons for the processing, which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. If your personal data is processed to carry out direct advertising, you thus have the right to, at any time, lodge an objection to the processing of personal data affecting you for the purposes of such advertising; this also applies to profiling, insofar as it is connected to such direct advertising. You have the right to lodge an objection to the processing affecting you of personal data affecting you, which is carried out for scientific or historical research purposes or for statistical purposes according to Art. 89 (1) GDPR for reasons arising from your particular situation, unless the processing is required to fulfil an objective in the public interest. Please use the contact address indicated in the Imprint for your message.
You have the right to obtain the personal data affecting you, which you have provided to the provider, in a structured, conventional and machine-readable format and you have the right to transmit this data to another controller without the provider, to whom the personal data was provided, impeding this, insofar as the processing is based on consent according to Art. 6 (1) (a) GDPR, Art. 9 (2) (a) GDPR or on a contract according to Art. 6 (1) (b) GDPR and the processing is carried out with the aid of automated processes.
The data collected when accessing and using the website and the information provided by you when getting in contact is transmitted to the servers of the provider and stored there. Otherwise, your data may be provided to the following categories of recipients:
Upon visiting the website, content may be displayed which is linked to the websites of third parties. The provider does not have access to the cookies or other functions used by third party sites, nor can the provider control such. Such third party sites are not subject to the provider’s data protection provisions.
It appears that you are using Microsoft Internet Explorer as your web browser to access our site.
For practical and security reasons, we recommend that you use a current web browser such as Firefox, Chrome, Safari, Opera, or Edge. Internet Explorer does not always display the complete content of our website and does not offer all the necessary functions.