Privacy Policy
Privacy Policy
Welcome to the website of the region Oberschwaben and our online presence, especially www.oberschwaben-tourismus.de
We thank you for your interest in our services. Protecting your privacy and data is very important to us. We only collect and use your data in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 (GDPR) and the applicable provisions. In the following, we as the controller will explain to you what data we collect and how we process these data.
1. Personal data
As defined by the GDPR, personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data will only be saved if it is necessary for providing the booked services, adhering to legal guidelines or for purposes explained in the following.
2. Anonymized data / log files / IP address
You can visit our website without providing any personal data. However, certain anonymous data will be saved each time our website is visited, e.g. which page or which offer was called up. This data is not personal, however, and thus is not subject to the legal guidelines of the GDPR.
The website operator or site provider collects data about visits to the site and stores these as server log files. The following data are logged in this manner:
Website visited, time of access, quantity of data sent in bytes, source/link from which you reached the site, browser used, operating system used, IP address used.
The data collected is used for statistical analysis and to improve the website. The website operator reserves the right to examine the server log files at a later time should there be specific indications of unlawful use.
Anonymous data is only collected for statistical evaluation in order to improve our services. For further information, please take note of the figure “Right to information / revocation rights”.
3. Purpose of collecting personal data
Personal data must however be provided if you make a travel booking or other booking via our website, contact us, subscribe to our newsletter or use other services on our website that require personal data to be given. These include the management of your data in a personal customer account with a login function, voucher purchases, participating in competitions or amending existing bookings or orders.
In accordance with legal provisions, we will normally only collect data necessary for the service you require. If our forms ask you to provide further information, this is always voluntary and will be marked as such.
The temporary storage of the IP address by the system is necessary in order to enable the delivery of the website to the user’s computer. To do this, the IP address of the user must be stored for the duration of the session. This is also stored in log files in order to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our information technology systems. In this connection, the data will not be analyzed for marketing purposes. Our legitimate interests in data processing according to point (f) of Article 6(1) GDPR lie in these purposes.
If a travel booking is made or another service is booked, the data collected will be used to process this booking and used for advertising and statistical purposes, within the scope of legal provisions.
If you subscribe to our newsletter, we also store and use the data you provided about yourself and your orders and travel services when booking or registering in order to give you optimum service as a newsletter subscriber on the basis of point (f) of Article 6(1) GDPR.
The legal basis for the processing of data after the user registers for the newsletter is point (a) of Article 6(1) GDPR if the user has given consent.
We also use the personal data that we have collected to improve customer relations and to provide better customer care (e.g. information about the trip), to carry out our own advertising and marketing initiatives (e.g. sending out catalogues or other advertising within the scope permitted by law, feedback on customer satisfaction) and to process your order.
4. Legal basis for the processing of personal data
If we obtain the consent of the data subject for all processing of personal data, the legal basis shall be point (a) of Article 6(1) of the General Data Protection Regulation (GDPR).
For the processing of personal data required for the performance of a contract to which the data subject is a party, the legal basis is point (b) of Article 6(1) GDPR. This also applies to processing that is required to perform pre-contractual measures.
If the processing personal data is required in order to fulfil a legal obligation to which our company is subject, the legal basis shall be point (c) of Article 6(1) GDPR.
In the event that vital interests of the data subject or another natural person require the processing of personal data, the legal basis shall be point (d) of Article 6(1) GDPR.
If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis shall be point (f) of Article 6(1) GDPR.
5. Transfer of personal data to third parties
We will only transfer your personal data in accordance with the applicable competition and data protection regulations.
Your data will also be transferred to our subcontractors or other service providers related to your booking (e.g. processing newsletters to be sent by post or email, payment processing, customer service) if this is necessary for us to fulfil our legal obligations and to provide you with the services we owe you.
Data will also be transferred to persons or companies in order to process your order or booking, particularly for travel services to airlines, tour operators, hotels, travel agencies, incoming agencies, car rental companies, cruise operators, authorities etc. Ensure that the privacy provisions at the domicile of these persons and companies may differ from those in our country.
Your data will also be disclosed and sent to third parties if we are obliged to do this by law or on the basis of a final court ruling.
You have the right to receive the personal data concerning you which you have provided in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without being hindered by the controller to whom the personal data was provided.
6. Storage and erasure of data
Your personal data will be stored in accordance with the purposes listed under “Purpose of collecting personal data”. The personal data of the data subject will be erased or blocked once the purpose ceases to apply. Data may also be stored if this has been provided for by the European or national legislator in Union ordinances, laws or other regulations to which the controller is subject. The government has set down various storage periods for data. The data will also be blocked or erased if the retention period prescribed by the standards mentioned, unless it is necessary to continue storing the data for the conclusion or performance of a contract.
7. Use of cookies
We use cookies (small computer files with text information sent by the web server to your Internet browser) in order to improve your experience when visiting our website. For example, some notices will only appear once if you allow us to use cookies. Cookies also have an expiry date. If you delete your cookies manually before their expiry, you will receive a new one upon your next visit to the site if you do not block the storage of cookies.
The technical specifications only allow cookies to be read by the server that sent them. We assure you that no personal data will be stored in cookies.
Unfortunately, you will only have limited use of our services if you do not agree to the use of cookies. We therefore recommend you permanently activate the cookies when using our website. Most internet browsers automatically accept cookies. You can, however, deactivate cookies and set up your internet browser to inform you as soon as cookies are sent.
The legal basis for the processing of personal data when using cookies is point (f) of Article 6(1) GDPR.
The legal basis for the processing of personal data when using cookies for analytical purposes is point (a) of Article 6(1) GDPR if the user has given consent.
8. Data protection for applications and in the application process
The controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also take place electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website.
If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
9. Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyze how you use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in Ireland. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
The Google tracking codes of this website use the _anonymizeIp() function, which means that IP addresses are only processed in a shortened form in order to prevent direct personal identification. You may object to the collection and storage of data at any time for the future. Clicking on the “deactivate” button will completely stop tracking. In order to make a permanent objection, the browser used must accept cookies. Alternatively, the data collection can be refused by using a Google browser plug-in which prevents the information collected by cookies (including your IP address) from being sent to Google Ireland Limited and used by Google Ireland Limited. You can find the relevant plug-in on the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
10. YouTube
This website uses a link to YouTube provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When embedding, we use the “Extended data protection mode” so that a transfer of usage information only takes place when starting the video. In this case, it will be transmitted which specific pages of our Internet presence you have visited and which videos are viewed. When you are logged into your YouTube account, you enable YouTube to associate your page access directly with your personal profile. You can find further information on the collection and processing of your data by YouTube in the corresponding privacy policy www.youtube.com
If you would like to ensure that none of your data is stored by YouTube, do not click on the embedded videos.
11. Facebook Social Plugins
This website uses Social Plugins (“Plugins”) of the social website facebook.com, which are operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”). The plugins can be identified by the Facebook logo (white “f” on a blue tile or a “Like” button), or by the words “Facebook Social Plugin”. The list and appearance of the Facebook social plugins can be viewed here: http://developers.facebook.com/plugins.
If a website of this online presence that contains such a plugin is called up, the browser used will establish a direct connection with the Facebook servers. The content of the plugins is transmitted directly by Facebook to the browser used which then integrates this in the website. We have no control over the data that Facebook collects via this plugin and would therefore like to clarify how we believe the system works: by embedding the plugin, Facebook receives the information that the corresponding pages of our Internet presence has been accessed. If you are logged into Facebook, Facebook can associate your visit with your Facebook account. If you interact with the plugins (such as when pressing the “Like” button or making a comment), the relevant information is transmitted directly from your browser to Facebook and stored there. If you are not a member of Facebook, there is still the possibility that your IP address will be revealed to Facebook and stored there. To see the purpose and scope of the data collection and the further processing and use of data by Facebook and the associated rights and settings available for the protection of your privacy, please see Facebook’s privacy policy: http://www.facebook.com/policy.php. If you are a Facebook member and do not wish Facebook to collect data about you via our website and link to your member data in Facebook, you must log out from Facebook prior to visiting this online presence. It is also possible to block Facebook Social Plugins with add-ons for the browser used, such as the Facebook Blocker.
12. Facebook Conversion Pixel
This online presence uses Facebook Pixel of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (“Facebook”). This tracks the behaviour of users once they have viewed or clicked on a Facebook advertisement. This procedure serves to analyse the effectiveness of Facebook advertisements for statistical and market research purposes, and can help optimise future advertisement measures.
The data collected is anonymous to us, and cannot be used to identify the user. However, the data is stored and processed by Facebook in order to enable a connection with the relevant user profile and so that Facebook can use the data for its own advertisement purposes, in accordance with the Facebook privacy policy (https://www.facebook.com/about/privacy/). The user can switch off Facebook advertisements and those of its partners, including outside Facebook. A cookie may also be stored on your computer for this purpose.
By visiting our website and our Facebook page, you consent to its use. In order to refuse the use of cookies on the computer in general, the Internet browser can be set so that no cookies can be stored on the computer in the future or any cookies already stored are deleted. Disabling all cookies may mean that some functions on our Internet pages will no longer work. The user can also deactivate the use of cookies by third part providers such as Facebook on the following website of the Digital Advertising Alliance: http://www.aboutads.info/choices/
13. Use and application of Outdooractive
Our online presence uses technologies, components and content of the Outdooractive platform on this website. The operating company of the Outdooractive platform and tour portal is Outdooractive GmbH & Co. KG, Missener Str. 18, 87509 Immenstadt.
Oberschwaben Tourismus GmbH, as licensee, has concluded an agreement with Outdooractive GmbH & Co. KG (hereinafter referred to as "Outdooractive") for the use of the Outdooractive DATA API (hereinafter referred to as "API" or "APIs"). Outdooractive provides Oberschwaben Tourismus GmbH as API user with so-called APIs (Application Programming Interface), which are used on this website, in applications, widgets or other electronic media of Oberschwaben Tourismus GmbH. In this way, the user of this website can also access the data content provided by the Outdooractive portal and platform. Which data Outdooractive makes available via the respective APIs is specified in the respective API documentation. Apart from IP addresses, no other personal data of users of the Outdooractive platform is transmitted to Outdooractive via the APIs.
Outdooractive collects and stores data about each access to the offer, these are so-called server log files. Such access data are:
- The name of the accessed website
- Referrer URL
- Date and time of the server request
- amount of data transferred
- browser type/ browser version
- the operating system used by the user
- IP address of the user
- message about successful retrieval
This log data is only used by Outdooractive for statistical evaluations for the purpose of the operation, security and optimization of the offer. However, Outdooractive reserves the right to check the log data retrospectively if it becomes aware of any unlawful use on the basis of concrete indications or if there is a justified suspicion of unlawful use. Outdooractive only collects, uses or transmits personal data if this is permitted by law or if users consent to the collection of data. This data is used for the purposes of using the offer. This data is used to inform users by e-mail of relevant information regarding the offer or registration as well as technical circumstances.
Outdooractive is responsible for the content on outdooractive.com and the handling of user data in accordance with data protection regulations. In accordance with Outdooractive's statements, all data protection laws and regulations are strictly adhered to, in particular the Teleservices Data Protection Act (TDDSG), the Federal Data Protection Act and the data protection provisions of the Telecommunications Act §§ 85ff and the legal requirements at EU level. The privacy policy published by Outdooractive, which is available at corporate.outdooractive.com/en/privacy-policy/, provides information on the collection, processing and use of personal data by Outdooractive and the integration of services, content and analysis tools from third-party providers. The privacy policy is part of the Outdooractive.com T&Cs.
14. Use and integration of the HRS booking platform as a white label solution.
Our online presence uses under the button "Find accommodation" a booking engine of HRS Destination Solutions GmbH, Breslauer Platz 4 50668 Cologne (hereinafter "HRS") for online bookable vacation accommodations and other offers in the vacation region Oberschwaben-Allgäu as a white label.
HRS operates platforms under www.holidayinsider.com and hrsholidays.de, in which all kinds of accommodations and additional services can be booked. The platforms make it possible to select the suitable vacation accommodations or other achievements from a multiplicity of offers and to book these directly with the offerer of the accommodations or achievements. HolidayInsider itself does not offer any accommodations. This Internet portal offers apart from information in word and picture, also the possibility evaluations of the offered achievements to deliver and call up, in order to give to the user/inside a as comprehensive as possible information exchange and appropriate information possibilities.
HRS provides the booking section as a white label in the most current version for integration on the website of Oberschwaben Tourismus GmbH and operates the white label on the server of OTG and provides it with an IP address.
HRS bears sole responsibility for the HRS offers displayed on the booking section under the white label. Should third parties assert claims against Oberschwaben Tourismus GmbH based on alleged illegal content of the HRS offer, HRS shall indemnify Oberschwaben Tourismus GmbH against such claims. HRS is liable for defects in its services in accordance with the statutory provisions.
The data protection regulations published by HRS, which can be accessed at www.im-web.de/impressum.php, provide information on the collection, processing and use of personal data by HRS.
15. Use of the event database toubiz of the TMBW
Our online presence uses the database toubiz of Tourismus Marketing GmbH Baden-Württemberg (hereinafter "TMBW"), Esslinger Str. 8, 70182 Stuttgart (hereinafter "toubiz") abbreviated to enable the display of events and other sights and regional information. The technical provision of toubiz is carried out by land in sicht AG, Wiesentalstr. 5, 79115 Freiburg.
Within the framework of toubiz, the TMBW processes data of the respective partners/organizers. The notes and provisions on data protection can be found in the TMBW's data protection declaration, which can be viewed at https://www.tourismus-bw.de/Datenschutzerklaerung.
16. Use and application of Instagram
Our online presence uses components of the service Instagram on this website. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to redistribute such data in other social networks.
The operating company of the Instagram services is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
Byeach call of one of the individual pages of this website, which is operated by the controller and on which an Instagram component (Insta button) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Instagram component to download a representation of the corresponding component from Instagram. Within the scope of this technical procedure, Instagram receives knowledge about which specific subpage of our website is visited by the data subject.
If the data subject is logged in to Instagram at the same time, Instagram recognizes which specific sub-page the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Instagram component and assigned by Instagram to the respective Instagram account of the data subject. If the data subject activates one of the Instagram buttons integrated on our website, the data and information thus transmitted will be assigned to the personal Instagram user account of the data subject and stored and processed by Instagram.
Instagram always receives information via the Instagram component that the data subject has visited our website if the data subject is simultaneously logged into Instagram at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Instagram component or not. If the data subject does not want this information to be transmitted to Instagram, he or she can prevent the transmission by logging out of his or her Instagram account before accessing our website.
Further information and the applicable data protection provisions of Instagram can be found at help.instagram.com/155833707900388 and www.instagram.com/about/legal/privacy/.
17. Use and application of Pinterest
Our online presence uses components of Pinterest Inc. on this website. Pinterest is a so-called social network. A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for sharing opinions and experiences or enables the Internet community to provide personal or business-related information. Among other things, Pinterest enables users of the social network to publish image collections and individual images as well as descriptions on virtual pinboards (so-called pinning), which can then in turn be shared by other users (so-called repinning) or commented on.
The operating company of Pinterest is Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.
By each call of one of the individual pages of this website, which is operated by the controller and on which a Pinterest component (Pinterest plug-in) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Pinterest component to download a representation of the corresponding Pinterest component from Pinterest. More information about Pinterest is available at pinterest.com. As part of this technical procedure, Pinterest receives knowledge of which specific subpage of our website is visited by the data subject.
If the data subject is logged into Pinterest at the same time, Pinterest recognizes which specific sub-page of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Pinterest component and assigned by Pinterest to the respective Pinterest account of the data subject. If the data subject activates a Pinterest button integrated on our website, Pinterest assigns this information to the personal Pinterest user account of the data subject and stores this personal data.
Pinterest always receives information via the Pinterest component that the data subject has visited our website if the data subject is simultaneously logged into Pinterest at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Pinterest component or not. If the data subject does not want this information to be transmitted to Pinterest, he or she can prevent the transmission by logging out of his or her Pinterest account before calling up our website.
The privacy policy published by Pinterest, which is available at about.pinterest.com/privacy-policy, provides information about the collection, processing and use of personal data by Pinterest.
18. Privacy policy on the use and application of Twitter
Our online presence uses components of Twitter on this website. Twitter is a multilingual publicly accessible microblogging service on which users can publish and disseminate so-called tweets, i.e. short messages limited to 140 characters. These short messages can be accessed by anyone, including people who are not registered with Twitter. However, the tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow the tweets of a user. Furthermore, Twitter makes it possible to address a broad audience via hashtags, links or retweets.
The operating company of Twitter is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
By each call of one of the individual pages of this website, which is operated by the controller and on which a Twitter component (Twitter button) has been integrated, the internet browser on the information technology system of the data subject is automatically caused by the respective Twitter component to download a representation of the corresponding Twitter component from Twitter. Further information on the Twitter buttons can be found at about.twitter.com/en/resources/buttons. Within the scope of this technical procedure, Twitter receives knowledge of which specific sub-page of our website is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to disseminate the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the data subject is logged into Twitter at the same time, Twitter recognizes which specific subpage of our website the data subject is visiting with each call to our website by the data subject and for the entire duration of the respective stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the data subject. If the data subject activates one of the Twitter buttons integrated on our website, the data and information thus transmitted will be assigned to the personal Twitter user account of the data subject and stored and processed by Twitter.
Twitter always receives information via the Twitter component that the data subject has visited our website if the data subject is simultaneously logged into Twitter at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Twitter component or not. If the data subject does not want this information to be transmitted to Twitter, he or she can prevent the transmission by logging out of his or her Twitter account before accessing our website.
The applicable data protection provisions of Twitter are available at twitter.com/privacy.
19. Use and application of Xing
The controller has integrated components of Xing on this website. Xing is an Internet-based social network that allows users to connect with existing business contacts and to make new business contacts. Individual users can create a personal profile of themselves on Xing. Companies can, for example, create company profiles or publish job offers on Xing.
The operating company of Xing is XING AG, Dammtorstraße 30, 20354 Hamburg, Germany.
Each time one of the individual pages of this website operated by the controller is called up and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at dev.xing.com/plugins. Within the scope of this technical procedure, Xing receives information about which specific subpage of our website is visited by the data subject.
If the data subject is logged in to Xing at the same time, Xing recognizes which specific subpage of our website the data subject is visiting each time the data subject calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject activates one of the Xing buttons integrated on our website, for example the "Share" button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.
Xing always receives information via the Xing component that the data subject has visited our website if the data subject is simultaneously logged into Xing at the time of calling up our website; this takes place regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, he or she can prevent the transmission by logging out of his or her Xing account before accessing our website.
The data protection provisions published by Xing, which can be accessed at www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has published data protection information for the XING Share button at www.xing.com/app/share.
20. Security, questions and remarks, controller
Security also depends ultimately on your system. You should always treat your access information as confidential, never allow your browser to save passwords and close the browser window when you leave our website. This makes it more difficult for third parties to access your personal data.
Use an operating system that can manage user rights. Always set up different user profiles, including amongst family members, and never use the internet under administrator rights. Use security software such as virus scanners and firewalls and always keep your system up to date.
The controller for this online presence as defined by the General Data Protection Regulation and other national data protection laws of Member States as well as other data protection regulations is:
Oberschwaben Tourismus GmbH
Neues Kloster 1
D-88427 Bad Schussenried
Tel. +49 (0)7583 92638-0
Fax +49 (0)7583 92638-29
E-Mail: info(at)oberschwaben-tourismus.de
Website: www.oberschwaben-tourismus.de
Handelsregister Ulm: HRB 641496
UID-Nr.: DE211261714
CEO: Petra Misch, Sarah Falk
21. Right of access / revocation; other rights of data subjects
You have the right:
· Pursuant to Art. 15 GDPR, to obtain from us confirmation as to whether or not personal data concerning you are being processed. In particular, you can obtain information on the purposes of the processing, the categories of personal data, categories of recipients to whom your data has been or will be disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or to object, the existence of a right to lodge a complaint, the origin of the data, if this has not been collected by us, and on the existence of automated decision-making including profiling and any meaningful information on the details.
· Pursuant to Art. 16 GDPR, to obtain the immediate rectification or completion of the personal data concerning you stored by us;
· Pursuant to Art. 17 GDPR, to obtain the erasure of personal data concerning you stored by us unless the processing is necessary for exercising the right of freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
· Pursuant to Art. 18 GDPR, to obtain the restriction of processing of your personal data, where the accuracy of the personal data is contested by you, the processing is unlawful but you oppose the erasure of the personal data, or we no longer need the data, but you require them or the establishment, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
· Pursuant to Art. 20 GDPR, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or request the transmission to another controller;
· Pursuant to Art. 7(3) GDPR, to withdraw the consent you once provided to us at any time. This will mean that we will no longer be able to continue the data processing relating to this consent in the future, and
· Pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. Generally, you may contact the supervisory authority at your usual place of residence or workplace or at our registered office.
In order to withdraw your consent to data usage, to exercise your right of access, or request the rectification, blocking or erasure or to exercise your other rights as a data subject, please contact:
Oberschwaben Tourismus GmbH
Neues Kloster 1
D-88427 Bad Schussenried
Tel. +49 (0)7583 92638-0
Fax +49 (0)7583 92638-29
E-Mail: info(at)oberschwaben-tourismus.de
These rights are of course available to you free of charge, without you incurring higher transmission costs for your request than for the base rates.
22. Supervisory authority
The following supervisory authority is responsible of any complaints concerning the processing of your personal data, especially data breaches, in case the problem can not be solved by contacting the controller himself or the data protection officer:
Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg
Postfach 10 29 32
70025 Stuttgart
Telefon: +49 (0) 711 / 61 55 41 – 0
E-Mail: poststelle@lfdi.bwl.de
23. Newsletter – unsubscribing
If you no longer wish to receive our newsletter or our advertising emails, click on the link: “Unsubscribe from newsletter” appears at the bottom of every email from us.