Data protection declaration
With regard to your personal data, we want you to feel secure when visiting the Adrialin GmbH and Adrialin Blue GmbH (www.adrialin.com) websites. We would like to inform you of how your data is used by us and how you can exercise your rights.
1. Name and contact details of persons responsible and representative
Telephone number: +39 06 9763 3970
Managing Director: Josip Šojat
Telephone number: +39 06 9763 3970
Managing Director: Josip Šojat
2. General information for visitors to this website
As part of the booking process, certain cookies from your browser are stored onto your computer's hard drive. These are small text files which you can delete at any time. Most web browsers automatically accept cookies. You can also individually adjust your browser settings.
You can set your browser so that it informs you when cookies are used, allowing you to accept or reject the cookies in each individual case. If a cookie is not accepted, the functionality of our website may be restricted.
The following cookies remain after your browser session:
-pid: This is a cookie which is only stored if you visit a partner site linked to Adrialin. Only the partner's identification number will be stored. Duration: 30 days
-utm_term: This cookie is used if you are transferred to our website via a HomeToGo web page. The click ID that transferred you to us is saved. No personal details are referenced here and are only used by HomeToGo for internal statistics (e.g. booking market, selected property, filter used, etc.). Duration: 30 days
These cookies serve to monitor the success of marketing campaigns. Without this data it is impossible for us to evaluate marketing campaigns and manage them accordingly. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in evaluating the success of their marketing campaigns and controlling them accordingly. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.
-seen_on: This cookie is used if you are directed to another website via an advert on our property or travel description. A code is stored for the corresponding website from which you were directed to us. Upon confirming a booking, a cookie on the booking page will determine whether the code for the so-called conversion tracking should be effected. This allows us to determine which adverts lead to bookings. No personal data will be referenced however. Duration: 30 days
-XSRF-TOKEN: This cookie is designed to protect against third-party modifications to data. This cookie has no fixed term and is reset each time this site is visited.
-adrialin_session: This cookie is designed to identify the current browser session. running time: 60 minutes
These cookies serve to improve the user-friendliness of our website. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in optimising the user-friendliness of their web presence in order to increase travel sales. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.
2.2. Local Storage
To make our website as easy as possible to use, so-called local storage technology is used (also called 'local data' and 'local memory). Data is stored locally in your browser's cache - provided the cache is not cleared - which remain active after the browser window or program have been closed and can be transferred. The following information is saved here:
- appFileDate: The date is stored parallel to appFileName. This is primarily intended for following up any developments so that we can locate any potential problems as quickly as possible.
- navBarFontSize: This is the font size of the main menu. Different languages have different word lengths. The font size is adjusted accordingly so that the main menu always fits on one line.
- search: Your search parameters (e.g. travel dates, number of travellers, property type) are saved here.
The use of local storage serves to improve usability. This data is processed in accordance with Article 6, para. 1, sentence 1, letter f) GDPR. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in optimising the user-friendliness of their web presence in order to increase travel sales. Since data is only used from persons who have expressed their interest in our offers and services, this in no way affects the fundamental rights of individuals concerned.
If you do not wish for local storage features to be used, you can amend this by changing the settings on your browser platform depending on the operating system of app used.
2.3. Google Analytics
In order to improve our offers we collect statistical data regarding its use. For this reason we use the Google Analytics service. This ensures that no connection is made to the abovementioned cookies. Google requires that we submit the following declaration:
Data will be deleted after 26 months.
2.4. Google Remarketing
2.5. Google AdWords
2.6. Google reCAPTCHA
2.8. Purpose of processing and legal bases for Google services
We use the Google Remarketing and Google AdWords services in order to monitor and control the success of our marketing campaigns.
We use Google Analytics for the purpose of acquiring information about the use of our site in order to optimise the user-friendliness of our website.
We use Google Maps to display the location of our property in the property description and to thus better advertise our products.
We use Google reCAPTCHA in order to protect our forms from misuse or hackers and thereby ensure the security of your personal data.
As an online travel company, we have a legitimate interest in monitoring and controlling the success of our marketing campaigns, acquiring information about the use of our website and ensuring that this is not misused, and advertising our products as well as possible to increase sales. This is not possible without the provision of data. Article 6, paragraph 1, sentence 1, letter f) GDPR forms the legal basis for the processing of data.
2.9. SSL encryption
Thanks to high-performance SSL encryption technology (Secure Sockets Layer) as well as PCT security standards (Private Communication Technology) supported by all major browsers, all of your transactions are protected. SSL encrypts your personal data before it is sent via the internet. This makes online business transactions as secure as telephone transactions. If your browser does not support secure transactions or you do not wish to carry out an online transaction, you can call us on +39 06 9763 3970 from Monday to Friday (excluding bank holidays) from 9 am -6 pm to place your order. An employee will take your details in person.
2.10. Links to other sites
3. Facebook fanpage
Personal data is collected about you when you visit our Facebook fan page. If you are logged in, this is your profile information on Facebook. In all cases this is your IP address and browser information. These data are processed by Facebook Ireland and us as the joint parties responsible. The related agreement is available to read here: https://www.facebook.com/legal/terms/page_controller_addendum
4. Processing customer and prospective customer data
4.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage
4.1.1. Contact form on our website and emails
Your communication data and messages sent via the contact form on our website or by email are used by us for the purpose of processing your request regarding a particular travel offer or your booking, the creation of offers upon request and for follow-up questions and stored for a period of 6 years. Collection, storage and transfer consequently takes place for the purpose of pre-contractual measures at the request of the individual concerned and for the fulfilment of the contract of the individual concerned pursuant Article 6, paragraph 1, sentence 1, letter b) GDPR. By withholding this data from us it is impossible for us to answer any queries you may have.
4.1.2. Data you submit upon making a booking
Upon booking you will be required to supply us with your surname, first name as well as the surname and first name of any co-travellers, your address, communication information, dates of birth, and the age of any children if applicable as well as your payment details. The IP address will also be logged and saved. If the booking is made via a travel agency rather than by you directly, this data will be passed on to us by the travel agency. These details are required for concluding the agreement. These are used for the following purposes:
Fulfilment of the travel agreement concluded with us
Booking, re-booking and cancellation of travel services with service providers
Invoices, electronic payment transactions and credit card payments, reminders, debt collection, invoicing with service providers
Booking confirmation, recording guest requirements, complaints, damage claims (travel cancellation insurance), creation of travel documents
Guest surveys and marketing campaigns
Evaluation of travel services and our services, information about travel offers
Data obtained for fulfilment of the travel agreement, invoicing and provision of services is processed on the legal basis of fulfilment of a contract or precontractual measures pursuant to Article 6, para. 1, sentence 1, letter b) GDPR. If this data is not provided we will be unable to book the desired travel services with the service provider for you, to respond to your enquiries, send you travel documents or fulfil the travel agreement concluded with you.
Article 6, paragraph 1, sentence 1, letter f) forms the legal basis for the purpose of guest surveys and marketing campaigns. Adrialin GmbH and Adrialin Blue GmbH have a legitimate interest in allowing its travel services and its own services to be rated by customers for the purposes of quality assurance and to advertise their travel offerings to increase sales. Since review requests and travel offers are only sent to existing customers who have already expressed an interest in our offers and services, it cannot be assumed that the statutory rights of the individual concerned have been affected. Without the provision of this data, it is not possible to review our service and/or deliver the booked travel services and provide you with travel offers. You may revoke your consent to data transfer at any time without incurring any costs other than the transmission costs based on the standard tariffs by sending an email to <a href=&mailto:firstname.lastname@example.org&>email@example.com</a>. Upon receipt of your objection we will refrain from sending any more content.
Contract details are stored for a period of 6 years. The statutory storage period for invoices and financial transactions is 10 years.
4.2. Recipient of the data
Your data is stored in our back-end systems on hosted servers and a cloud server. Our employees, as well as employees in our parent and subsidiary companies, have access to this data since they are responsible for providing customer service and require access to your booking information and data for this purpose. Our accountant also requires access to our system for the purpose of overseeing our accounts and recording incoming payments. The transfer of your data is legally required to fulfil the contract and to fulfil a legal obligation on our part as the responsible party (Article 6, paragraph 1, sentence 1, letters b) and c) GDPR).
Depending on which offer you book with us, your personal details will be passed on to the service provider (lessor, hotels, airlines, consolidators, incoming agencies, bed databases, rental car providers) either directly or via booking systems and technical providers. The transfer of your data in this case depends on fulfilment of the travel agreement with you (Article 6, paragraph 1, sentence 1, letter b) GDPR).
Invoicing and payment data is passed on to technical providers, financial institutes and payment service providers as well as tax authorities if required. If making payment using credit card or instant transfer, enter your payment details in the BS PAYONE GmbH integrated booking form who process this data for us. Your payment information will not be stored in our system in this instance. The legal basis for transferring your data to technical providers, financial institutes and payment service providers is the fulfilment of the travel agreement with you (Article 6, paragraph 1, letter b) GDPR). The transfer of data to our accountant and, where required, the tax authorities, is based on the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1 letter c) GDPR.
Should you fail to meet your payment obligation, your data will be passed on to a collection service after a corresponding reminder. In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for the purposes of operational interests based on Article 6, paragraph 1, sentence 1, letter f) GDPR.
For customer survey purposes, data may be passed on to Trustpilot A/S, Pilestrædet 58, 5, 1112 Copenhagen, Denmark and to TÜV Saarland Holding GmbH, Am TÜV 1, 66280 Sulzbach/Saar, Germany. The transfer of data takes place within the framework of the legitimate interests of Adrialin GmbH and Adrialin Blue GmbH based on Article 6, paragraph 1, sentence 1, letter f) GDPR.
Where service providers and booking systems are used to transfer your data, these are carefully selected by us, receive a written mandate and are bound to comply with our instructions. These are regularly monitored by us. Service providers will not pass on this data to third parties, but instead will delete them upon completion of the contract and upon expiry of the statutory storage period provided you have not consented to an extended storage period.
4.3. Data transfer to third countries
Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies and the tax office which has access to our back-end systems as well as technical providers and service providers to whom your data is transferred are exclusively situated within the European Union. Nonetheless, it is possible depending on your travel destination that our service providers may need to pass your data on to authorities or third country companies in order to fulfil the travel agreement. In this case the transfer of your personal data will depend on the exemption clause of Article 49, paragraph 1, letter b) GDPR since this is required for the fulfilment of the travel agreement.
5. Processing of data by business partners and their employees
5.1. Purpose and legal bases of data processing, consequences of non-provision of data and duration of storage
5.1.1. Travel agencies and free agents
As a travel agency or free agent you have the option of registering for an agency login on our website. Data which you send us in connection with this is used by us in order to contact you in good time regarding confirmed bookings and for invoicing and payment purposes. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of data it is not possible as a travel agency to submit a booking to us and receive commission for the travel services arranged. Contract details will be deleted 6 years after the contract has finished. A statutory storage period of 10 years shall apply to commission invoices and financial transactions.
5.1.2. Service providers: lessors, hotels, partner agencies, bed database, rental car provider, airlines, consolidators
Data that you provide us with as a service provider will be used by us for the purposes of making convenient contact with regard to individual aspects of the contractual relationship, a confirmed booking, the creation of travel documents for our customers and for invoicing and booking payments. Your data will be processed on a legal basis for fulfilment of a contract or pre-contractual agreement pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. If data is not provided we are unable to book travel services for our customers and pay you the agreed fees for any bookings. Contract details will be deleted 6 years after the contract has finished. A statutory storage period of 10 years exists for service invoices and financial transactions.
5.1.3 Other business partners
As a business partner, you will often provide us with the contact details of your employees. These are stored and used to quickly respond to individual contractual provisions or for general queries. Processing depends on the legal basis of the fulfilment of the contract or pre-contractual measures pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Without the provision of these data it is not possible for us to easily contact you. Your data will be deleted upon changing a contact person or at the latest 6 years after the contract has ended. Invoices and financial transactions will be legally stored for a period of 10 years.
5.2. Recipient of the data
As a travel agency, free agent or service provider, your details will be stored in our back-end systems on hosted servers and a Cloud server. Our employees, as well as employees at our parent and subsidiary companies, have access to this data since they are responsible for supporting agencies and service providers and require access to your data as a result. Transfer to these places depends on the fulfilment of a contract with you pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. Our accountant also requires access to this information since they oversee the entering of commission and service provider invoices into the books and pay the corresponding amounts to you. Data is passed on for the purpose of fulfilling our legal obligations (Article 6, paragraph 1, sentence 1, letter c) GDPR).
As a service provider, you will generally provide us with the coordinates of your property. We use this to show the location on our website and on Google Maps and advertise your property accordingly. These are also passed on to our customers together with your name, address, contact details where required and travel information with the travel documents so that they can easily find the booked property. Transfer of your data will take place as part of the fulfilment of your contract and on the basis of Article 6, paragraph 1, sentence 1, letter b) GDPR.
As another business partner, the contact details of your contacts will be stored by one of our employees in their email management programme. This ensures that only this aspect of your personal data can be processed. Transfer to any other providers will only take place with your consent.
Invoicing and payment details will be passed on to technical providers, financial institutes and payment service providers for the purpose of fulfilment of the contract pursuant to Article 6, paragraph 1, sentence 1, letter b) GDPR. This data will also be passed on to our tax advisor for accounting purposes and to the tax authorities if required. The basis for transferring your data forms the fulfilment of a legal obligation on our part pursuant to Article 6, paragraph 1, sentence 1, letter c) GDPR.
In the event of a legal dispute data may be passed on to a lawyer or court. Your data will be passed on for the purposes of operational interests based on Article 6, paragraph 1, sentence 1, letter f) GDPR.
Where technical service providers are required for transmitting your data, these are carefully selected by us, have received a written mandate and are bound to follow our instructions. These are regularly monitored by us. Service providers will not pass on this data to third parties, but instead will delete them upon completion of the contract and upon expiry of the statutory storage period provided you have not consented to an extended storage period.
5.3. Data transfer to third countries
Your data will be collected and processed at our headquarters in Switzerland. Data transfer within Switzerland is permitted pursuant to Article 45, paragraph 1 GDPR since the European Commission has concluded that Switzerland offers an appropriate level of protection. Our parent and subsidiary companies as well as the tax office who have access to our back-end systems are based exclusively in the European Union.
In order to show locations in Google Maps, the coordinates of your property may be passed on to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data transfer to the US is permitted since the European Commission has concluded that the US offers a sufficient level of protection (Art. 45 para. 1 GDPR) and since this transmission is required for fulfilment of the service provider agreement (Article 49, para. 1, letter b) GDPR).
6. Your data protection rights
You are entitled at any time to request information about the personal data we have stored about you (Article 15 GDPR). This also concerns the recipients or categories of recipients to whom this data is passed on and the purpose of storage. You furthermore have the right under the conditions of Article 16 GDPR to correct and/or delete pursuant to Article 17 GDPR and/or limit processing of your data pursuant to Article 18 GDPR. Furthermore, you can request data transmission at any time under the provisions of Article 20 GDPR provided we still have these data stored.
In the event of processing of personal data for fulfilling a task in the general public interest (Article 6, paragraph 1, sentence 1, letter e) GDPR) or for fulfilling legitimate interests (Article 6, paragraph 1, sentence 1 letter f) GDPR) you can revoke your consent to the processing of your personal data at any time with immediate effect. In the event of an objection we shall refrain from processing your data further for the abovementioned purposes unless
- there are compelling and legitimate reasons for processing this data which outweigh your interests, rights and liberties, or
- This is required for asserting, exercising or defending legal claims.
Under the conditions of Article 21, paragraph 1 GDPR, the processing of data can be revoked for reasons arising from an individual's particular situation.
You also have the right to complain to the Federal Data Protection and Information Commissioner (www.edoeb.admin.ch) of any breaches of privacy.
Based on legal framework conditions we are not obliged to appoint a data protection officer. For all requests for information, accommodation enquiries, cancellations or oppositions to data processing please email firstname.lastname@example.org or send a letter to the address provided under 1. For more information please read the complete GDPR document available online at https://gdpr-info.eu.