Privacy policy
The legal notice also applies to our Facebook page and our Instagram account.
Responsible party pursuant to data protection laws, in particular the EU General Data Protection Regulation (GDPR), is
Schlehdorn GmbH
Johannes und Felix Dünnebacke
Am Sommerberg 1
D-79868 Feldberg-Altglashütten
Tel.: +49 (0) 7655 / 91050
Fax: +49 (0) 7655 / 910543
info@koehlerei-am-see.de
Your rights as the data subject
You can exercise the following rights at any time using the contact details of our data protection officer:
- Information on your data stored by us and the processing thereof (Art. 15 GDPR),
- Rectification of inaccurate personal data (Art. 16 GDPR),
- Deletion of your data stored by us (Art. 17 GDPR),
- Restriction of the data processing, provided that we may not delete your data due to legal obligations (Art. 18 GDPR),
- Objection to the processing of your data with us (Art. 21 GDPR) and
- Data portability, provide that you have consented to the data processing or have entered into a contract with us (Art. 20 GDPR).
If you have given us consent, you may withdraw it at any time, which will remain in effect in the future.
You can contact a supervisory authority with a complaint at any time, e.g. the supervisory authority of the state of your residence or the authority that oversees us as the responsible party.
You’ll find a list of supervisory authorities (for the non-public area) with their respective addresses at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Contact form
Type and purpose of the processing
The data you enter are used for individual communication with you. A valid e-mail address and your name are required for this communication, which serves to organize your inquiry and the respective subsequent reply. Providing additional information is optional.
Legal basis
The processing of the data entered in the contact form occurs on the basis of a legitimate interest (Art. 6 Para. 1 (f) GDPR).
By providing the contact form, our aim is to facilitate an uncomplicated means for you to contact us. The information you enter will be used to process the inquiry and saved for possible follow-up questions.
If you contact us to request an offer, the processing of the information provided in the contact form will occur in order to implement pre-contractual measures (Art. 6 Para. 1 (b) GDPR).
Recipients
Recipients of the data may be processors.
Retention period
The data will be deleted no later than 6 months after processing the inquiry.
Provided that we enter into a contract together, we will use the statutory retention periods in the German Commercial Code (Handelsgesetzbuch) and delete your data according to the respective stipulated deadlines.
Mandatory or required provision
The provision of your personal data is voluntary. However, we can only process your inquiry if you provide us with your name, e-mail address and the reason for your inquiry.
Using Google Analytics
Type and purpose of the processing
This website uses Google Analytics, a web analytics service of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA (hereinafter: ‘Google’). Google Analytics uses so-called ‘cookies’, i.e. text files that are stored on your computer and allow an analysis of your use of the website. The information generated by the cookie about your use of this website is typically transmitted to a Google server in the U.S. and stored there. However, due to the activation of IP anonymisation on these websites, your IP address will be truncated beforehand by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the U.S. and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, summarise reports on website activities and provide other services related to website and Internet usage to the website operator. The IP address transferred from your browser as part of Google Analytics will not be combined with other data from Google.
The data processing purposes are the website-use analysis and the summary of reports on activities on the website. Based on the use of the website and the Internet, other related services will be provided.
Legal basis
The processing of the data occurs on the basis of the user’s consent (Art. 6 Para. 1 (a) GDPR).
Recipients
The recipient of the data is Google as the processor. For this, we have entered into the corresponding data-processing contract with Google.
Retention period
The deletion of the data occurs as soon as they are no longer necessary for our recording-keeping purposes.
Third country transfers
Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
Mandatory or required provision
The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this can lead to functional limitations on the website.
Revocation of consent
You can prevent the storage of cookies by a corresponding setting in your browser software; however, please note that in this case you may not be able to use all the functions of this website in their entirety. Furthermore, you can prevent the collected data generated by the cookie and the data related to your use of the website (including your IP address) being transmitted to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: browser add-on to deactivate Google Analytics.
In addition, or as an alternative to the browser add-on, you can prevent tracking by Google Analytics on our web pages by clicking this link, which will install an opt-out cookie on your device. This will prevent data collection by Google Analytics for this website and for this browser in the future, as long as the cookie remains installed in your browser.
Profiling
With the assistance of the tracking tool Google Analytics, the browsing behaviour of the website visitors can be evaluated and their respective interests can be analysed. For this analysis, we create a pseudonymous user profile.
Using script libraries (Google Webfonts)
Type and purpose of the processing
In order to present our content correctly and graphically appealing across all browsers, we use ‘Google Webfonts’ from Google LLC (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereinafter ‘Google’) to display fonts on this website.
You’ll find the data protection guidelines of the library operator Google here: https://www.google.com/policies/privacy/
Legal basis
Your consent is the legal basis for the integration of Google Webfonts and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).
Recipients
The use of script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible – but currently also unclear whether and to what end – that the operator, in this case Google, will collect data.
Retention period
We do not collect any personal data via the integration of Google Webfonts.
You’ll find additional information on Google Webfonts at https://developers.google.com/fonts/faqand in Google’s privacy policy: https://www.google.com/policies/privacy/.
Third country transfers
Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
Mandatory or required provision
The provision of your personal data is neither legally nor contractually required. However, the correct presentation of standard-fonts content is not possible without this provision.
Revocation of consent
The programming language JavaScript is regularly used to display content. Thus, you can opt out of the data processing by disabling JavaScript execution in your browser or by installing a JavaScript blocker. Please note that this may result in functional limitations on the website.
Using Google Maps
Type and purpose of the processing
We use Google Maps on this website. Google Maps is operated by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter ‘Google’). This allows us to show you interactive maps directly on the website, allowing you to conveniently use the map feature.
You’ll find additional information about Google’s data processing on the Google privacy policy page, where you can also change your personal privacy settings in the data protection center.
Click here for detailed instructions on how to manage your own data related to Google products.
Legal basis
Your consent is the legal basis for the integration of Google Maps and the associated data transfer to Google (Art. 6 Para. 1 (a) GDPR).
Recipients
By visiting the website, Google receives information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account that you are logged into or if there is no user account. When you’re logged into Google, your data will be directly assigned to your account.
If you do not want this assignment in your Google profile, you must log out of Google before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or tailor-made design of its website. Such an analysis occurs in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, but you must submit this objection to Google.
Retention period:
We do not collect any personal data via the integration of Google Maps.
Third country transfers
Google processes your data in the United States of America and is subject to the EU-U.S. Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
Revocation of consent
If you do not want Google to collect, process or use information about you via our website, you can disable JavaScript in your browser settings. In this case, you cannot or only partially use our website.
Mandatory or required provision
The provision of your personal data is voluntary, based solely on your consent. If you prevent access, this can lead to functional limitations on the website.
SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (such as SSL) via HTTPS.
DialogShift Chat Application on Our Website
Our website uses the chat application from DialogShift GmbH, Torstr. 201, 10115 Berlin. This application processes and stores data for the purpose of web analysis, operating the chat application, and responding to inquiries. For the operation of the chat function, chat texts are stored, and a cookie with a unique ID is set—this serves to recognize you as a customer. A cookie is a small text file that is stored locally in the cache on your device. With the help of this cookie, our application recognizes the device again and can retrieve past chat logs. This cookie is stored for 90 days since its last use. You can disable the storage of cookies in your browser settings. However, without the use of cookies, the chat function cannot be executed. The possible disclosure of, for example, names, email addresses, or a telephone number is voluntary and with the consent to temporarily use and store these data for the purpose of making contact until the end of the contact. These personal data are deleted after 90 days. The legal basis for data processing is according to Art. 6 Para. 1 lit. a GDPR, § 25 Para. 1 TTDSG based on your consent. DialogShift offers further information on data collection and use as well as your rights and options for protecting your privacy at https://www.dialogshift.com/datenschutz.
Revision of our privacy policy
We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. Your next visit will be subject to the new privacy policy.
Our social media appearances
This privacy policy applies to the following social media presence
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below.
Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.
Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.
Legal basis
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
Storage time
The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions – in particular, retention periods – remain unaffected.
We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).
Your rights
You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.
Individual social networks
Facebook
We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/4452
Instagram
We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
For details on how they handle your personal information, see the Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/4452