Data protection declaration

With regard to your personal data, we want you to feel secure when visiting the Adrialin GmbH and Adrialin Blue GmbH (www.adrialin.com) websites. We would like to inform you of how your data is used by us and how you can exercise your rights.

1. Name and contact details of persons responsible and representative

Responsible for personal data within the scope of accommodation-only bookings and issuing rental cars pursuant to Article 4 Para. 7 GDPR
Responsible for personal data within the framework of booking package holiday flights pursuant to Article 4 paragraph 7 GDPR
Adrialin GmbH
Werftestrasse 4
6005 Luzern
Switzerland
Telephone number: +44 (0)203 499 6238
e-mail: en@adrialin.com
Managing Director: Markus Graw
Adrialin Blue GmbH
Werftestrasse 4
6005 Luzern
Switzerland
Telephone number: +44 (0)203 499 6238
e-mail: en@adrialin.com
Managing Director: Markus Graw

The Adrialin GmbH and Adrialin Blue GmbH representative in the European Union for queries in connection with the processing of personal data is
Adrialin GmbH
Klehestraße 3-5
76571 Gaggenau
Germany
Telephone number: +44 (0)203 499 6238
e-mail: en@adrialin.com
Managing Director: Josip Sojat

2. General information for visitors to this website

2.1. Cookies

As part of the booking process, certain cookies from your browser are stored onto your computer's hard drive. These are small text files which you can delete at any time. Most web browsers automatically accept cookies. You can also individually adjust your browser settings.

You can set your browser so that it informs you when cookies are used, allowing you to accept or reject the cookies in each individual case. If a cookie is not accepted, the functionality of our website may be restricted.

The following cookies remain after your browser session:

-pid: This is a cookie which is only stored if you visit a partner site linked to Adrialin. Only the partner's identification number will be stored. Duration: 30 days

-first: This is a cookie which is generated upon the first visit to our website. It contains the URL of the site from which you came provided you clicked on a link from a third-party website directing you to our siten. Duration: 90 days

-oldOrder: This is a cookie which is stored if you click on the email link for alternative offers after refusing a booking. This allows us to recognise if you are creating a new booking with us as an existing customer. Duration: 30 days.

These cookies serve to monitor the success of marketing campaigns. Without this data it is impossible for us to evaluate marketing campaigns and manage them accordingly. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in evaluating the success of their marketing campaigns and controlling them accordingly. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.

-lng: This is a cookie which stores the customer’s preferred language.Duration:1 year

-booking: This is a cookie which is generated once you confirm and submit your details in the basic or detailed search or when calculating the price of a holiday property. This remembers your choices during this and subsequent visits. Duration: 30 days

-merkzettel: This is a cookie which is used when the customer adds a property to their wish list. The contents are the item numbers of the selected properties. Duration 30 days.

-cookieconsent_status: This is a cookie that is stored once you have accepted use of cookies. This means that the notification will not be displayed each time you visit the site. Duration: 1 year.

These cookies serve to improve the user-friendliness of our website. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in optimising the user-friendliness of their web presence in order to increase travel sales. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.

2.2. Google Analytics

In order to improve our offers we collect statistical data regarding its use. For this reason we use the Google Analytics service. This ensures that no connection is made to the abovementioned cookies. Google requires that we submit the following declaration:

This website uses Google Analytics, a web analytics service provided by Google, Inc ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer to analyse your use of the website. The information generated by the cookie concerning your use of this website will be passed on to a Google server in the USA and stored there. Due to the IP anonymisation we have activated, your IP address will be shortened and cannot be associated with the user. With the consent of this website operator, Google uses this information to evaluate your use of this website, to create reports about website activity and to provide other services related to the use of the website and of the Internet. The IP address transmitted by your browser as part of Google Analytics is not associated with any other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser; however please note that if you do this you may not be able to use the full functionality of this website. You can prevent Google from collecting and processing the data generated by the cookie regarding your use of this website (including your IP address) by downloading and installing the browser plugin available from the following link. The current link is http://tools.google.com/dlpage/gaoptout?hl=de

Data will be deleted after 26 months.

2.3. Google Remarketing

Data from our website is collected and stored using Google technology (Google remarketing tag) for marketing purposes. An anonymised user profile can be created from this data and stored as cookies. Third-party providers, including Google, display advertisements on internet websites. Third-party providers, including Google, use cookies from your previous visit to this website to tailor their adverts as part of the remarketing tag function. Data collected by the remarketing tag will not be used to personally identify you as a visitor to our website without your separate consent, and will not be combined with personal data via the anonymous user profile. You can deactivate Google's use of cookies by visiting the page https://adssettings.google.com/authenticated and clicking on the "opt out" button. Alternatively, you can visit the Network Advertising Initiative's deactivation page at http://www.networkadvertising.org/managing/opt_out.asp. More information on Google's legislation can be found at http://www.google.com/intl/de/privacy.

2.4. Google AdWords

This website uses Google Adwords, an online advertising program provided by Google Inc. Conversion tracking is also used in connection with this. With the help of this program, Google AdWords places a cookie on your PC if you visit our website via a Google advertisement. The cookie will no longer be valid after 90 days. The cookie cannot be traced back to you. If you use our website while the cookie is still active, we, along with Google, are able to recognise that you clicked on a related advert in order to be redirected to our website. Each Google AdWords customer has a different cookie. As a result, cookies cannot be traced via the websites of AdWords customers. With the help of data collected by conversion cookies, conversion statistics can be created for AdWords customers. This allows us as the customer to find out the total number of users who have responded to our adverts and were redirected to the website. We do not receive any personal data about you. If you do not wish to enable this tracking process you can deactivate the Google conversion tracking cookie on your browser. Please use your browser's help feature in this instance. You can find out more about Google's privacy policy at http://www.google.de/policies/privacy/.

2.5. Google reCAPTCHA

In order to ensure adequate data security when transmitting forms we use the reCAPTCHA service by Google Inc. for registration as a travel agency in the agency application and in the contact form. This primarily serves to determine whether this information has been provided by a real person or is in fact automated processing by a machine in order to prevent robots from filling the form with spam. This service includes sending the IP address and any other data required by Google for the reCAPTCHA service. The supplementary privacy policy of Google Inc. shall apply in this instance. You can find more information about the Google Inc. privacy policy at http://www.google.de/intl/de/privacy or https://www.google.com/intl/de/policies/privacy/

2.6. Google-Maps

This website uses Google Maps to show site plans. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Through the use of this website, you express your consent to the collection, processing and use of data automatically collected by Google, one of its representatives or a third party. Data to be processed may include in particular IP addresses and user location information which is not collected without their consent (typically implemented as part of your mobile device settings). Data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

2.7. Purpose of processing and legal bases for Google services

We use the Google Remarketing and Google AdWords services in order to monitor and control the success of our marketing campaigns.

We use Google Analytics for the purpose of acquiring information about the use of our site in order to optimise the user-friendliness of our website.

We use Google Maps to display the location of our property in the property description and to thus better advertise our products.

We use Google reCAPTCHA in order to protect our forms from misuse or hackers and thereby ensure the security of your personal data.

As an online travel company, we have a legitimate interest in monitoring and controlling the success of our marketing campaigns, acquiring information about the use of our website and ensuring that this is not misused, and advertising our products as well as possible to increase sales. This is not possible without the provision of data. Article 6, paragraph 1, sentence 1, letter f) GDPR forms the legal basis for the processing of data.

2.8. SSL encryption

Thanks to high-performance SSL encryption technology (Secure Sockets Layer) as well as PCT security standards (Private Communication Technology) supported by all major browsers, all of your transactions are protected. SSL encrypts your personal data before it is sent via the internet. This makes online business transactions as secure as telephone transactions. If your browser does not support secure transactions or you do not wish to carry out an online transaction, you can call us on +49 (0)7225 9880-0 from Monday to Friday (excluding bank holidays) from 9 am -6 pm to place your order. An employee will take your details in person.

2.9. Links to other sites

In its judgement of May 1998, Hamburg District Court ruled that the integration of links may involve joint responsibility for the content of linked pages. This can only be avoided according to the District Court if the service provider explicitly distances himself from these contents, which we intend to do in this privacy policy. Adrialin GmbH and Adrialin Blue GmbH has no influence on the contents of third-party sites that can be accessed from this website via hyperlinks and does not assume any. Adrialin GmbH and Adrialin Blue GmbH expressly disassociates itself from any ambiguous or objectionable content.

3. Processing customer and prospective customer data

3.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage

3.1.1. Contact form on our website and emails

Your communication data and messages sent via the contact form on our website or by email are used by us for the purpose of processing your request regarding a particular travel offer or your booking, the creation of offers upon request and for follow-up questions and stored for a period of 6 years. Collection, storage and transfer consequently takes place for the purpose of pre-contractual measures at the request of the individual concerned and for the fulfilment of the contract of the individual concerned pursuant Article 6, paragraph 1, sentence 1, letter b) GDPR. By withholding this data from us it is impossible for us to answer any queries you may have.

3.1.2. Data you submit upon making a booking

Upon booking you will be required to supply us with your surname, first name as well as the surname and first name of any co-travellers, your address, communication information, dates of birth, and the age of any children if applicable as well as your payment details. If the booking is made via a travel agency rather than by you directly, this data will be passed on to us by the travel agency. These are used for the following purposes:

  1. Fulfilment of the travel agreement concluded with us
    Booking, re-booking and cancellation of travel services with service providers
  2. Invoicing
    Invoices, electronic payment transactions and credit card payments, reminders, debt collection, invoicing with service providers
  3. Services
    Booking confirmation, recording guest requirements, complaints, damage claims (travel cancellation insurance), creation of travel documents
  4. Guest surveys and marketing campaigns
    Evaluation of travel services and our services, information about travel offers

Data obtained for fulfilment of the travel agreement, invoicing and provision of services is processed on the legal basis of fulfilment of a contract or precontractual measures pursuant to Article 6, para. 1, sentence 1, letter b) GDPR. If this data is not provided we will be unable to book the desired travel services with the service provider for you, to respond to your enquiries, send you travel documents or fulfil the travel agreement concluded with you.

Article 6, paragraph 1, sentence 1, letter f) forms the legal basis for the purpose of guest surveys and marketing campaigns. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in allowing its travel services and its own services to be rated by customers for the purposes of quality assurance and to advertise their travel offerings to increase sales. Since review requests and travel offers are only sent to existing customers who have already expressed an interest in our offers and services, it cannot be assumed that the statutory rights of the individual concerned have been affected. Without the provision of this data, it is not possible to review our service and/or deliver the booked travel services and provide you with travel offers. You may revoke your consent to data transfer at any time without incurring any costs other than the transmission costs based on the standard tariffs by sending an email to <a href="mailto:dataprivacy@adrialin.com">dataprivacy@adrialin.com</a>. Upon receipt of your objection we will refrain from sending any more content.

Contract details are stored for a period of 6 years. The statutory storage period for invoices and financial transactions is 10 years.

3.2. Recipient of the data

Your data is stored in our back-end systems on hosted servers and a cloud server. Our employees, as well as employees in our parent and subsidiary companies, have access to this data since they are responsible for providing customer service and require access to your booking information and data for this purpose. Our accountant also requires access to our system for the purpose of overseeing our accounts and recording incoming payments. The transfer of your data is legally required to fulfil the contract and to fulfil a legal obligation on our part as the responsible party (Article 6, paragraph 1, sentence 1, letters b) and c) GDPR).

Depending on which offer you book with us, your personal details will be passed on to the service provider (lessor, hotels, airlines, consolidators, incoming agencies, bed databases, rental car providers) either directly or via booking systems and technical providers. The transfer of your data in this case depends on fulfilment of the travel agreement with you (Article 6, paragraph 1, sentence 1, letter b) GDPR).

Invoicing and payment data is passed on to technical providers, financial institutes and payment service providers as well as tax authorities if required. If making payment using credit card or instant transfer, enter your payment details in the BS PAYONE GmbH integrated booking form who process this data for us. Your payment information will not be stored in our system in this instance. The legal basis for transferring your data to technical providers, financial institutes and payment service providers is the fulfilment of the travel agreement with you (Article 6, paragraph 1, letter b) GDPR). The transfer of data to our accountant and, where required, the tax authorities, is based on the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1 letter c) GDPR.

Should you fail to meet your payment obligation, your data will be passed on to a collection service after a corresponding reminder. In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for the purposes of operational interests based on Article 6, paragraph 1, sentence 1, letter f) GDPR.

For customer survey purposes, data may be passed on to Trustpilot A/S, Pilestrædet 58, 5, 1112 Copenhagen, Denmark and to TÜV Saarland Holding GmbH, Am TÜV 1, 66280 Sulzbach/Saar, Germany. The transfer of data takes place within the framework of the legitimate interests of Adrialin GmbH and Adrialin Blue GmbH based on Article 6, paragraph 1, sentence 1, letter f) GDPR.

Where service providers and booking systems are used to transfer your data, these are carefully selected by us, receive a written mandate and are bound to comply with our instructions. These are regularly monitored by us. Service providers will not pass on this data to third parties, but instead will delete them upon completion of the contract and upon expiry of the statutory storage period provided you have not consented to an extended storage period.

3.3. Data transfer to third countries

Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies and the tax office which has access to our back-end systems as well as technical providers and service providers to whom your data is transferred are exclusively situated within the European Union. Nonetheless, it is possible depending on your travel destination that our service providers may need to pass your data on to authorities or third country companies in order to fulfil the travel agreement. In this case the transfer of your personal data will depend on the exemption clause of Article 49, paragraph 1, letter b) GDPR since this is required for the fulfilment of the travel agreement.

4. Processing of data by business partners and their employees

4.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage

4.1.1. Travel agencies and free agents

As a travel agency or free agent you have the option of registering for an agency login on our website. Data which you send us in connection with this is used by us in order to contact you in good time regarding confirmed bookings and for invoicing and payment purposes. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of data it is not possible as a travel agency to submit a booking to us and receive commission for the travel services arranged. Contract details will be deleted 6 years after the contract has finished. A statutory storage period of 10 years shall apply to commission invoices and financial transactions.

4.1.2. Service providers: lessors, hotels, partner agencies, bed database, rental car provider, airlines, consolidators

Data that you provide us with as a service provider will be used by us for the purposes of making convenient contact with regard to individual aspects of the contractual relationship, a confirmed booking, the creation of travel documents for our customers and for invoicing and booking payments. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. If data is not provided we are unable to book travel services for our customers and pay you the agreed fees for any bookings. Contract details will be deleted 6 years after the contract has finished. A statutory storage period of 10 years exists for service invoices and financial transactions.

4.1.3 Other business partners

As a business partner, you will often provide us with the contact details of your employees. These are stored and used to quickly respond to individual contractual provisions or for general queries. Processing depends on the legal basis of the fulfilment of the contract or pre-contractual measures pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of these data it is not possible for us to easily contact you. Your data will be deleted upon changing a contact person or at the latest 6 years after the contract has ended. Invoices and financial transactions will be legally stored for a period of 10 years.

4.2. Recipient of the data

As a travel agency, free agent or service provider, your details will be stored in our back-end systems on hosted servers and a Cloud server. Our employees, as well as employees at our parent and subsidiary companies, have access to this data since they are responsible for supporting agencies and service providers and require access to your data as a result. Transfer to these places depends on the fulfilment of a contract with you pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Our accountant also requires access to this information since they oversee the entering of commission and service provider invoices into the books and pay the corresponding amounts to you. Data is passed on for the purpose of fulfilling our legal obligations (Article 6, paragraph 1, sentence 1, letter c) GDPR).

As a service provider, you will generally provide us with the coordinates of your property. We use this to show the location on our website and on Google Maps and advertise your property accordingly. These are also passed on to our customers together with your name, address, contact details where required and travel information with the travel documents so that they can easily find the booked property. Transfer of your data will take place as part of the fulfilment of your contract and on the basis of Article 6, paragraph 1, sentence 1, letter b) GDPR.

As another business partner, the contact details of your contacts will be stored by one of our employees in their email management programme. This ensures that only this aspect of your personal data can be processed. Transfer to any other providers will only take place with your consent.

Invoicing and payment details will be passed on to technical providers, financial institutes and payment service providers for the purpose of fulfilment of the contract pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. This data will also be passed on to our tax advisor for accounting purposes and to the tax authorities if required. The basis for transferring your data forms the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1, letter c) GDPR.

In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for the purposes of operational interests based on Article 6, paragraph 1, sentence 1, letter f) GDPR.

Where technical service providers are required for transmitting your data, these are carefully selected by us, have received a written mandate and are bound to follow our instructions. These are regularly monitored by us. Service providers will not pass on this data to third parties, but instead will delete them upon completion of the contract and upon expiry of the statutory storage period provided you have not consented to an extended storage period.

4.3. Data transfer to third countries

Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies as well as the tax office who have access to our back-end systems are based exclusively in the European Union.

In order to show locations in Google Maps, the coordinates of your property may be passed on to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data transfer to the US is permitted since the European Commission has concluded that the US offers a sufficient level of protection (Art. 45 para. 1 GDPR) and since this transmission is required for fulfilment of the service provider agreement (Article 49, para. 1, letter b) GDPR).

5. Your data protection rights

You are entitled at any time to request information about the personal data we have stored about you (Article 15 GDPR). This also concerns the recipients or categories of recipients to whom this data is passed on and the purpose of storage. You furthermore have the right under the conditions of Article 16 GDPR to correct and/or delete pursuant to Article 17 GDPR and/or limit processing of your data pursuant to Article 18 GDPR. Furthermore, you can request data transmission at any time under the provisions of Article 20 GDPR provided we still have these data stored.

In the event of processing of personal data for fulfilling a task in the general public interest (Article 6, paragraph 1, sentence 1, letter e) GDPR) or for fulfilling legitimate interests (Article 6, paragraph 1, sentence 1 letter f) GDPR) you can revoke your consent to the processing of your personal data at any time with immediate effect. In the event of an objection we shall refrain from processing your data further for the abovementioned purposes unless

- there are compelling and legitimate reasons for processing this data which outweigh your interests, rights and liberties, or
- This is required for asserting, exercising or defending legal claims.

Under the conditions of Article 21, paragraph 1 GDPR, the processing of data can be revoked for reasons arising from an individual's particular situation.

You also have the right to complain to the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) of any breaches of privacy.

6. Kontakt

Based on legal framework conditions we are not obliged to appoint a data protection officer. Please email all requests for information, accommodation enquiries, cancellations or opposition to data processing to <a href="mailto:dataprivacy@adrialin.com">dataprivacy@adrialin.com</a> or by letter to the address under section 1. For more information please read the complete GDPR document available online at https://gdpr-info.eu.