Datenschutzerklärung

PRIVACY POLICY

WILDWOOD CAMPING MANAGEMENT GMBH

We are delighted that you are visiting our website and thank you for your interest in our offering. The protection of personal data is an important concern for us. Therefore, the processing of personal data, such as name, address, email address, or telephone number of a data subject, is carried out in accordance with the applicable European and national legal regulations.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

Of course, you can revoke your consent declaration(s) at any time with effect for the future. For this purpose, please contact the data controller. You can find the contact details at the bottom of this privacy policy.

In the following, Wildwood Camping Management GmbH (hereinafter referred to as "we", "us", etc.) would like to inform the public about the nature, scope, and purpose of the personal data processed by us. Furthermore, affected individuals are informed about their rights through this privacy policy.

TERMS AND DEFINITIONS

Our privacy policy is based on the terms used by the European legislator for the adoption of the European General Data Protection Regulation (hereinafter referred to as "GDPR"). Our privacy policy is intended to be easily understandable for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms in this privacy policy and on our website:

Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person

The data subject is any identified or identifiable natural person whose personal data is processed by the controller.

Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller or data controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor or data processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent is any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

RIGHTS OF THE DATA SUBJECT

Right to Confirmation: Every data subject has the right to request confirmation from the data controller as to whether personal data concerning them are being processed. If a data subject wishes to exercise this right of confirmation, they can contact the data controller at any time.

Right to Information: Every data subject has the right to obtain free information from the data controller at any time about the personal data stored about them, as well as a copy of this information. Furthermore, the European legislator grants the data subject the right to information about the following information:

  • the purposes of the processing
  • the categories of personal data processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
  • if possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of the right to request rectification or erasure of personal data or restriction of processing by the controller or to object to such processing
  • the right to lodge a complaint with a supervisory authority
  • where the personal data are not collected from the data subject: any available information as to their source

the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject

Furthermore, the data subject has the right to know whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.

If a data subject wishes to exercise this right to information, they can contact the data controller at any time.

Right to Rectification: Every data subject has the right to request the immediate rectification of any inaccurate personal data concerning them. Furthermore, the data subject has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data - including by means of a supplementary declaration.

If a data subject wishes to exercise this right of rectification, they can contact the data controller at any time.

Right to Erasure (Right to be Forgotten): Every data subject has the right to demand that the data controller erase the personal data concerning them without undue delay if one of the following reasons applies and the processing is not necessary:

  • The personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
  • The data subject withdraws their consent on which the processing pursuant to Article 6(1) lit. a GDPR or Article 9(2) lit. a GDPR is based, and there is no other legal basis for the processing.
  • The data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
  • The personal data have been unlawfully processed.
  • The erasure of personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
  • The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

If one of the above reasons applies and a data subject wishes to have personal data stored with us erased, they can contact the data controller. The data controller will then comply with the data subject's erasure request without delay.

If we have made personal data public and are obligated as the controller under Article 17(1) GDPR to erase the personal data, we will, taking into account available technology and implementation costs, take reasonable steps, including technical measures, to inform other controllers processing the published personal data that the data subject has requested erasure of any links to such personal data or of copies or replications of such personal data, unless the processing is necessary. The controller will then arrange the necessary measures on a case-by-case basis.

Right to Restriction of Processing: Every data subject has the right to request the controller to restrict processing if one of the following conditions is met:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
  • The data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification of whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored with us, they can contact the data controller. The restriction of processing will then be initiated without delay.

Right to Data Portability: Every data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data have been provided, provided that the processing is based on consent pursuant to Article 6(1) lit. a GDPR or Article 9(2) lit. a GDPR or on a contract pursuant to Article 6(1) lit. b GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, when exercising their right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, where technically feasible and if doing so does not adversely affect the rights and freedoms of others.

To exercise the right to data portability, the data subject can contact the data controller at any time.

Right to Object: Every data subject has the right, on grounds relating to their particular situation, to object at any time to processing of personal data concerning them which is based on Article 6(1) lit. e or f GDPR, including profiling based on those provisions.

We will no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.

If we process personal data for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning them for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to us processing personal data for direct marketing purposes, we will no longer process the personal data for these purposes.

In addition, the data subject has the right, on grounds relating to their particular situation, to object to processing of personal data concerning them by us for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject can contact the data controller directly. Furthermore, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject is free to exercise their right to object by automated means using technical specifications.

Automated Individual Decision-Making, Including Profiling: Every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, as long as the decision:

  • is not necessary for entering into, or the performance of, a contract between the data subject and the controller,
  • is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or
  • is not based on the data subject's explicit consent.

Where such automated decision-making is necessary for entering into, or the performance of, a contract between the data subject and the controller, or is based on the data subject's explicit consent, we will implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view and to contest the decision.

If the data subject wishes to exercise rights relating to automated decision-making, they can contact the data controller at any time.

Right to Withdraw Consent: Every data subject has the right to withdraw their consent to the processing of their personal data at any time.

If the data subject wishes to exercise their right to withdraw consent, they can contact the data controller at any time.

Right to Lodge a Complaint with a Supervisory Authority: Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to them infringes this Regulation. A list of data protection officers and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

COLLABORATION WITH DATA PROCESSORS AND THIRD PARTIES

If, in the course of our processing activities, we disclose data to other individuals and companies (data processors or third parties), transmit them to them, or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if the transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract pursuant to Article 6(1) lit. b GDPR), you have consented, there is a legal obligation to do so, or based on our legitimate interests (e.g., when using agents, web hosts, etc.).

If we engage third parties to process data on the basis of a so-called "data processing agreement," this is done on the basis of Article 28 GDPR.

ROUTINE DELETION AND BLOCKING OF PERSONAL DATA

The data controller processes (in this sense also: stores) personal data of the data subject only for the period necessary to achieve the storage purpose or as required by the European legislator or other legislator in laws or regulations to which the data controller is subject.

Once the storage purpose is no longer applicable or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.

DATA PROTECTION IN APPLICATION PROCEDURES

The data controller collects and processes personal data of applicants for the purpose of handling the application process. Processing may also take place electronically. This is particularly the case if an applicant submits corresponding application documents to the data controller electronically, for example by email. If the data controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the data controller, the application documents will be automatically deleted six months after the decision to reject the application, unless deletion is opposed by other legitimate interests of the data controller. Other legitimate interest in this sense may, for example, include a burden of proof in a proceeding under the General Equal Treatment Act (AGG).

SECURITY

We implement numerous technical and organizational measures to protect your personal data against accidental or unlawful deletion, alteration, loss, and unauthorized disclosure or access.

However, internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, it is up to each data subject to also transmit personal data to us through alternative means, such as by telephone.

ENCRYPTION

For security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. When encryption is activated, the data you transmit to us cannot be read by third parties.

COLLECTION OF GENERAL DATA AND INFORMATION

Our website collects a series of general data and information with each visit by a data subject or an automated system. This general data and information are stored in the server's log files. The following may be collected:

  • The types and versions of browsers used
  • The operating system used by the accessing system
  • The website from which an accessing system reaches our website (so-called referrers)
  • The sub-webpages accessed via an accessing system on our website
  • The date and time of access to the website
  • A web protocol address (IP address)
  • The internet service provider of the accessing system

Other similar data and information that serve to avert risks in the event of attacks on our information technology systems

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to:

  • Correctly deliver the contents of our website
  • Optimize the contents of our website as well as any advertising for it
  • Ensure the permanent functionality of our information technology systems and the technology of our website
  • Provide law enforcement authorities with the necessary information for prosecution in the event of a cyberattack

These collected data and information are therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company, ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from any personal data provided by a data subject.

There is no merging of this data with other data sources.

The collection of this data is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website, for which the server log files need to be collected.

INQUIRY VIA EMAIL, PHONE, OR FAX

When you contact us via email, phone, or fax, your inquiry including all resulting personal data (name, inquiry) is stored and processed by us for the purpose of handling your request. We do not pass on this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your inquiry is related to the performance of a contract or necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if requested.

The data sent to us via contact inquiries will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after processing your request is completed). Mandatory statutory provisions – especially retention periods – remain unaffected.

DATA TRANSMISSION FROM FORMS

The data subject has the opportunity to enter personal data for data transmission via forms on the website of the data controller. The personal data entered by the data subject in the respective input mask used for the entries is collected and stored solely for internal use by the data controller and for their own purposes. Data transmission from forms is generally encrypted.

The data controller may arrange for the transfer to one or more processors (e.g., a parcel service provider), who will also use the personal data exclusively for internal use attributable to the data controller.

Through the data transmission on the website of the data controller, the IP address assigned by the Internet service provider (ISP) of the data subject, as well as the date and time of transmission, are also stored. The storage of this data is necessary to secure the data controller. Disclosure of this data to third parties generally does not occur unless there is a legal obligation to disclose or the disclosure is for criminal or legal prosecution purposes.

The entries of the data subject, voluntarily providing personal data, serve the data controller to offer contents or services to the data subject that can only be offered to these users due to the nature of the matter.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your inquiry is related to the performance of a contract or necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries addressed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if requested.

The data sent to us via contact inquiries will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after processing your request is completed). Mandatory statutory provisions – especially retention periods – remain unaffected.

CAMPING SITE SOFTWARE BOOKING EXPERTS

We use the camping site software ("Property Management System" or abbreviated "PMS") from Booking Experts B.V. (BEX) – (Chamber of Commerce number: 55796850 - Address: Pantheon 28, Enschede, Netherlands). A Property Management System is a software application predominantly used for the operation of hospitality accommodations and commercial rental properties. A PMS provider offers a computer system locally or, as with Compusoft, in the "cloud" to organize, plan, and execute daily tasks in accommodation businesses. These include:

  • Management and maintenance of bookings
  • Check-in and check-out processes
  • Planning and execution of events
  • Management of housekeeping tasks, site maintenance, etc.
  • Data analysis for key performance indicators
  • Report generation
  • Inventory supply management
  • Integration of electronic locking systems, phone systems, point-of-sale systems, etc.

Additionally, BEX provides C-Wallet functionality for guests of the camping site, enabling them to use features such as:

  • Overview and editing of past and future orders
  • Completion of personal information
  • Invitation of travel companions
  • Use of features like online check-in

The legal basis for the processing of personal data in a Property Management System is Article 6(1)(b) of the GDPR. Regarding voluntary data, the legal basis for data processing is Article 6(1)(a) of the GDPR. For the mandatory information on the registration form, the legal basis is §§ 29(2)-(4); 30 BMG in conjunction with Article 6(1)(c) of the GDPR. An agreement on data processing exists between Wildwood Camping Management GmbH and BEX according to Article 28 of the GDPR.

For further information on data protection, please visit:

https://www.bookingexperts.com/privacy-policy

BOOKING SYSTEM BOOKING EXPERTS

For online reservations and bookings, we use the online service provided by Booking Experts B.V. – (Chamber of Commerce number: 55796850 - Address: Pantheon 28, Enschede, Netherlands (hereinafter referred to as "BEX"). By clicking on the corresponding button, a browser window opens, redirecting you to BEX's website.

When you book with us, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your booking. Mandatory information required for contract processing is marked separately, while additional information is voluntary. The data is entered into an input mask and transmitted to us and stored. The following data is collected and encryptedly transmitted to us:

  • Personal master data: Name, first name, address, if applicable, date of birth
  • Communication data: Phone, email
  • Contract billing and payment data including credit card information
  • Booking data
  • If applicable, license plate numbers

Data is also forwarded to the respective payment service providers. Data will only be disclosed to third parties if disclosure is necessary for contract processing, billing purposes, or payment collection, or if you have expressly consented. In this regard, we only disclose the data required. The recipients of the data are: the respective delivery/shipping company (disclosure of name and address), collection agencies if payment needs to be collected (disclosure of name, address, order details), payment institutions for the purpose of debt collection if you have chosen direct debit as a payment method, and payment service providers – depending on the chosen payment method.

The legal basis is Article 6(1)(b) of the GDPR. Regarding voluntary data, the legal basis for data processing is Article 6(1)(a) of the GDPR. An agreement on data processing exists between us and BEX.

The collected mandatory information is necessary for the fulfillment of the contract with the user (for the provision of goods or services and confirmation of the contract content). Therefore, we use the data to respond to your inquiries, process your booking, if necessary, check creditworthiness or collect a claim, and for the purpose of technical administration of the websites. The voluntary information is provided to prevent abuse and, if necessary, to investigate crimes.

The data will be deleted as soon as it is no longer required to achieve the purpose of its collection. Due to commercial and tax law requirements, we are obliged to store your address, payment, and order data for a period of ten years after the execution of the contract. However, we restrict processing after 6 years, i.e., your data will only be used to fulfill legal obligations. If there is a continuous contractual relationship between us and the user, we will store the data for the entire term of the contract and for a period of 10 years thereafter (as mentioned above). Regarding voluntarily provided data, we will delete the data after 6 years from the execution of the contract if no further contract is concluded within this time; in this case, the data will be deleted 6 years after the completion of the last contract.

If the data is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, premature deletion of the data is only possible if contractual or legal obligations do not conflict with deletion. Otherwise, you are free to request the complete deletion of the personal data provided during registration from the data controller. Regarding voluntary data, you can revoke your consent at any time. In this case, the voluntary data will be deleted immediately.

For information on BEX's data protection, please visit:

https://www.bookingexperts.com/privacy-policy

Booking Experts Booking System

For online reservations and bookings, we use the online service provided by Booking Experts B.V. – (Chamber of Commerce number: 55796850 - Address: Pantheon 28, Enschede, Netherlands (hereinafter referred to as "BEX"). By clicking on the respective button, a browser window will open, redirecting you to BEX's website.

When you book with us, it is necessary to provide your personal data for the conclusion of the contract, which we require for processing your booking. Mandatory information necessary for the contract is marked separately, while additional information is voluntary. The data is entered into an input mask, transmitted to us, and stored. The following data is collected and transmitted to us in encrypted form:

Personal master data: Name, first name, address, if applicable, date of birth Communication data: Phone, email Contract billing and payment data including credit card information Booking data If applicable, license plate number

Data is also passed on to the respective payment service providers. Data will only be shared with third parties if it is necessary for the execution of the contract or for billing purposes, or if you have expressly consented. In this regard, we only share the necessary data. The data recipients are: the respective delivery/shipping company (sharing of name and address), collection agencies if payment needs to be collected (sharing of name, address, order details), payment institutions for the purpose of collecting claims if you have chosen direct debit as the payment method, as well as payment service providers - depending on the selected payment method. The legal basis is Art. 6 para. 1 lit. b GDPR. Regarding voluntary data, the legal basis for data processing is Art. 6 para. 1 lit. a GDPR. An order processing agreement exists between us and BEX.

The collected mandatory information is required to fulfill the contract with the user (for the provision of goods or services and confirmation of the contract content). Therefore, we use the data to respond to your inquiries, process your booking, possibly check creditworthiness or collect a claim, and for the purpose of technical administration of the websites. Voluntary information is provided to prevent abuse and, if necessary, to investigate criminal offenses.

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Due to commercial and tax law requirements, we are obliged to store your address, payment, and order data for a period of ten years after the execution of the contract. However, we restrict processing after 6 years, meaning your data will only be used to fulfill legal obligations. If there is a continuous obligation between us and the user, we store the data for the entire duration of the contract and for 10 years thereafter (as stated above). Regarding voluntarily provided data, we will delete the data 6 years after the execution of the contract, if no further contract is concluded with the user during this time; in this case, the data will be deleted 6 years after the execution of the last contract.

If the data is necessary to fulfill a contract or to carry out pre-contractual measures, premature deletion of the data is only possible if contractual or legal obligations do not conflict with deletion. Otherwise, you are free to request the deletion of the personal data provided during registration from the data controller. Regarding voluntarily provided data, you can revoke your consent to the responsible party at any time. In this case, the voluntary data will be deleted immediately.

Information on the data protection of BEX can be found here:

https://www.bookingexperts.com/privacy-policy

External Payment Service Providers

We use external payment service providers through whose platforms you can make payment transactions:

Concardis Nets Group (https://www.concardis.com/datenschutz) Nexi Group (https://www.nexigroup.com/en/privacy-policy/) Visa (https://www.visa.de/datenschutz) Mastercard / Maestro card (https://www.mastercard.de/de-de/datenschutz.html) Sofort (https://www.klarna.com/sofort/datenschutz/) Mollie https://www.mollie.com/de/privacy

In the context of contract fulfillment, we use payment service providers based on Art. 6 para. 1 lit. b) GDPR. Furthermore, we use external payment service providers based on our legitimate interests according to Art. 6 para. 1 lit. f) GDPR to provide our users with effective and secure payment options.

The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs, and checksums, as well as contract, sum, and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed and stored by the payment service providers. We do not receive any account or credit card-related information, but only information confirming or denying payment. Under certain circumstances, the data may be transmitted to credit agencies by the payment service providers. This transmission is intended for identity and credit checks. We refer to the terms and conditions and privacy policies of the payment service providers.

For payment transactions, the terms and conditions and privacy policies of the respective payment service providers apply, which can be accessed within the respective websites or transaction applications. We also refer to them for further information and for asserting revocation, information, and other data subject rights.

PayPal

On our website, we offer, among other options, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you choose to pay via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a) GDPR (consent) and Art. 6 para. 1 lit. b) GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations carried out in the past.

External Hosting

We host the contents of our website with the following provider:

Timme Hosting GmbH & Co. KG Ovelgönner Weg 43 21335 Lüneburg Germany

When you visit our website, Timme Hosting collects various log files including your IP addresses. Details can be found in the privacy policy of Timme Hosting:

https://timmehosting.de/datenschutz

The use of Timme Hosting is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Data Processing Agreement

We have concluded a contract for order processing (AVV) for the use of the service mentioned above. This is a data protection required contract that ensures that the service processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Links to Other Websites

This website contains links to other websites (so-called external links).

We are responsible as a provider for our own content in accordance with applicable European and national legal provisions. These links to content provided by other providers are to be distinguished from our own content. We have no influence on whether the operators of other websites comply with the applicable European and national legal provisions. Please inform yourself about the privacy policies provided on the respective website.

Cookies

To make our website user-friendly and tailored to your needs, we use cookies. Cookies are small text files that are sent by a web server to your browser when you visit a website and are stored locally on your end device (PC, notebook, tablet, smartphone, etc.).

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific web browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other web browsers that contain other cookies. A specific web browser can be recognized and identified by its unique cookie ID. This information serves to automatically recognize you when you visit the website again with the same end device and facilitate navigation for you.

You can also give your consent or refuse cookies, including web tracking, via the settings of your web browser. You can configure your browser to refuse cookies in principle or to be informed in advance when a cookie is to be stored. However, this may impair the functionality of the website (for example, when making purchases). Your browser also offers a function to delete cookies (for example, via "delete browser data"). This is possible in all common web browsers. You can find further information in the operating instructions or in the settings of your browser.

First-Party Cookies: First-party cookies refer to persistent cookies that are stored on the computer and only lose their validity when their expiration date has passed. The term "party" refers to the domain from which the cookie originates. In contrast to third-party cookies, first-party cookies usually originate from the website operator himself. Therefore, they cannot be accessed across domains by browsers. For example, website A assigns a cookie A, which is not recognized by website B, but can only be recognized by website A. Data cannot be transferred to third parties in this way.

Third-Party Cookies: In the case of a third-party cookie, the cookie is set and recorded by a third party. These cookies are mostly used by advertisers who collect information about website visitors through their advertisements on other websites. They are data records stored in the web browser of the user when he visits a page with advertising. If he visits a page with advertising from the same provider again, he is recognized again.

COOKIEBOT

A web service of the company Cybot A/S, Havnegade 39, 1058 Copenhagen, DK (hereinafter referred to as "Cookiebot") is loaded on our website. Cookiebot enables us to provide you with precise and transparent information about the use of cookies on our website. You will receive an up-to-date and data protection-compliant cookie notice and decide for yourself which cookies you want to allow.

For this purpose, Cookiebot displays a cookie list divided into functional groups the first time you visit. Here you can enable cookies by clicking on the corresponding box. Please note that technical cookies are already stored when the website is called up, and the corresponding box is preset. If technical cookies are deselected, the use of the website or individual functions on the website may be restricted or even impossible.

If you allow cookies, the following data will be transmitted to Cybot:

IP address (in anonymized form, the last 3 digits are set to 0) Date and time of your consent our website URL technical browser data encrypted, anonymous key the cookies you have allowed (as proof of consent)

The legal basis for the use of Cookiebot results from our legitimate interest in functional cookie management and is therefore based on Art. 6 para. 1 lit. f GDPR. Another legal basis results from the fulfillment of data protection requirements in connection with consent-required cookies (e.g. also due to the "Cookie Judgment" of the European Court of Justice) and is therefore based on Art. 6 para. 1 lit. c GDPR.

If you have consented to the setting of cookies during a visit to this website, you can revoke your consent by calling up Cookiebot (see below) and canceling the selection of the relevant cookie category. In addition to the revocation option via Cookiebot, you can deactivate cookies directly with a cookie provider or prevent the processing of data by browser plug-ins. An additional option for controlling the use of cookies is available through appropriate settings that you can make in most browsers.

Further information about "Cookiebot" and the company behind it, Cybot, can be found in the privacy policy at https://www.cookiebot.com/de/privacy-policy/

GOOGLE ANALYTICS

If you have given your consent, Google Analytics is used on this website, a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

  1. Scope of processing Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by the cookies about your use of this website is usually transmitted to a Google server in the USA and stored there.

We use the User-ID feature. With the User ID, we can assign a unique, permanent ID to one or more sessions (and the activities within those sessions) and analyze user behavior across devices.

We use Google Signals. This collects additional information about users in Google Analytics who have enabled personalized ads (interests and demographic data), and ads can be delivered to these users in cross-device remarketing campaigns.

We use the 'anonymizeIP' function (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, the following data is collected, among others:

  • The pages you visit, your "click path"
  • Achievement of "website goals" (conversions, e.g., newsletter sign-ups, downloads, purchases)
  • Your user behavior (e.g., clicks, time on page, bounce rates)
  • Your approximate location (region)
  • Your IP address (in truncated form)
  • Technical information about your browser and the devices you use (e.g., language settings, screen resolution)
  • Your internet service provider
  • The referrer URL (which website/advertising medium you came to this website from)

  1. Purposes of processing On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity.

  2. Recipients The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as the data processor. For this purpose, we have concluded a data processing agreement with Google. Google LLC, based in California, USA, and possibly US authorities may access the data stored at Google.

  3. Transfer to third countries Data may be transferred to the USA.

  4. Storage duration The data sent by us and linked to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

You can also prevent Google from collecting and processing the data generated by the cookie and related to your use of the website by: a. Not consenting to the setting of the cookie b. Downloading and installing the browser add-on to disable Google Analytics here: https://tools.google.com/dlpage/gaoptout?hl=en

You can also prevent the storage of cookies by adjusting your browser software accordingly. However, if you configure your browser to reject all cookies, you may experience limited functionality on this and other websites.

  1. Legal basis and option to withdraw consent The legal basis for this data processing is your consent, Art.6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. You can do this at the bottom of the page, above the table of cookies used.

For more information on Google Analytics terms of use and privacy, please visit https://www.google.com/analytics/terms/us.html and https://policies.google.com/?hl=en

GOOGLE TAG MANAGER

We use Google Tag Manager on our website. Google Tag Manager is a solution that allows marketers to manage website tags through an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect personally identifiable information. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

For more information on Google Tag Manager and Google's privacy policy, please visit the following link: https://policies.google.com/privacy

GOOGLE ADS

We use "Google Ads" (formerly Google AdWords) on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). Google Ads allows us to draw attention to our attractive offers on external websites using advertising materials. This allows us to determine how successful individual advertising measures are. These advertising materials are delivered by Google via so-called "AdServers". We use so-called AdServer cookies for this purpose, which can measure certain parameters for success measurement, such as display of advertisements or clicks by users. If you access our website via a Google ad, Google Ads stores a cookie on your PC. These cookies usually expire after 30 days and are not intended to identify you personally.

For more information on how Google uses the Facebook pixel for advertising campaigns, visit https://www.facebook.com/business/learn/facebook-ads-pixel More information on Facebook's data policy can be found at https://www.facebook.com/policy.php For further information on data processing by Facebook, please visit https://www.facebook.com/about/privacy

We use these features to provide you with advertising offers that correspond to your interests.

We process your data because you have consented to this (Art. 6 para. 1 lit. a GDPR) or because we have a legitimate interest in processing the data (Art. 6 para. 1 lit. f GDPR).

We store your data for as long as we need it for the respective purpose (display of interest-based advertising), or until you have objected to the storage of your data or revoked your consent.

Disabling the "Facebook Custom Audiences" feature is possible for logged-in users at https://www.facebook.com/settings/?tab=ads#.

You can change your ad settings on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, if you are logged in to Facebook.

FACEBOOK CONNECT

On this website, it is possible to register via the Facebook account.

Facebook Connect is an offering from Facebook, Inc. The use of Facebook Connect is subject to Facebook's privacy policy and terms of use.

When using Facebook Connect, Facebook profile data and publicly available data from your Facebook profile are transmitted to us. Conversely, data from us can be transferred to your Facebook profile. Your transmitted data is stored and processed by us for the purpose of registration on our site.

By registering on our website via Facebook Connect, you consent to the transfer of profile data from your Facebook profile to us and to the transfer of data for the use of our website to Facebook. Only data that is available in your Facebook profile as public data is transferred. We would like to point out that after changes to the data protection and terms of use of Facebook, there may also be a transfer of the Facebook profile owner's "friends list" if this has been marked as "public" in the privacy settings on Facebook.

The legal basis for the use of Facebook Connect is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your related rights and setting options to protect your privacy can be found in Facebook's data protection information (https://www.facebook.com/about/privacy/).

PINTEREST CONVERSION TRACKING

This website uses Pinterest Tag, a conversion tracking technology provided by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland ("Pinterest").

If you arrive on our website from a pin on Pinterest, we set a cookie on your computer that interacts with a JavaScript code implemented by Pinterest. Cookies are small text files that are stored on your device. These cookies expire after 180 days and are not used for personal identification.

When a user is redirected from a pin on Pinterest to pages of this website and the cookie has not expired, the tag captures certain user actions predefined by us (e.g., completed transactions, leads, website search queries, product page views). When such an action is executed, your browser sends an HTTP request from the cookie via the Pinterest Tag to the Pinterest server, transmitting specific information about the action (e.g., type of action, time, browser type of the device).

Through this transmission, Pinterest can create statistics about user behavior on our website after redirection from a Pinterest pin, which helps us optimize our offerings.

If personal user data is processed, this is done based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.

If you do not want to participate in tracking, you can also object by disabling the Pinterest Tag Conversion Tracking cookie in your internet browser settings. You will then not be included in the conversion tracking statistics.

For more information on Pinterest's privacy policy, please visit: https://policy.pinterest.com/de/privacy-policy

MAP TILER

This website uses MapTiler, the Maps API provided by Klokantech Technologies GmbH, Hofnerstrasse 98 Unterageri, Zug 6314, Switzerland ("MapTiler"). MapTiler is a map service that displays map excerpts for areas selected by the user on our website.

According to MapTiler, user IP addresses are stored for 20 minutes and then deleted. This is intended to prevent malicious activities. According to the provider, no other personal data is stored.

The processing is based on a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The use helps us and the user to display a graphical representation of selected areas on a map.

You can prevent the collection and processing of your data by this web service by disabling the execution of script code in your browser or by installing a script blocker in your browser.

For more information on privacy, please refer to the MapTiler Privacy Policy at https://www.maptiler.com/privacy-policy/

NAME AND ADDRESS OF THE RESPONSIBLE PARTY

Responsible party within the meaning of the EU General Data Protection Regulation (GDPR) and other applicable data protection laws of the European Union member states and other regulations with data protection character is:

Wildwood Camping Management GmbH
Valentinskamp 70
20355 Hamburg
Telephone: +49 (0)40 398030
Email: office@wildwoodcamping.de

Managing Directors:
Benjamin Ruth, Hans-Christoph Stadel

CHANGES TO THE PRIVACY POLICY

We reserve the right to modify our privacy practices and this privacy policy to adapt them to changes in relevant laws or regulations or to better meet your needs. Any changes to our privacy practices will be announced at this location. Please note the current version date of the privacy policy for this purpose.