1. Data protection at a glance
General information
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data means all data by which you can be personally identified. Detailed information on data protection can be found in the full privacy policy below.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the site’s legal notice (Imprint).
How do we collect your data?
Your data is collected, on the one hand, when you provide it to us. This can be, for example, data you enter into a contact form.
Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, time of page access). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyze user behavior.
What rights do you have regarding your data?
You have the right to obtain, at any time and free of charge, information about the origin, recipients, and purpose of your stored personal data. You also have the right to request rectification, restriction, or deletion of this data. For this and for further questions about data protection, you can contact us at any time at the address given in the legal notice. You also have the right to lodge a complaint with the competent supervisory authority.
Analytics tools and tools from third parties
When you visit our website, your surfing behavior may be statistically analyzed. This happens mainly with cookies and analytics programs. The analysis is usually anonymous; your surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the privacy policy below.
You can object to this analysis; we will inform you about your options to object in this privacy policy.
2. General notes and mandatory information
Data protection
We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission over the internet (e.g., communication by email) can have security gaps. Complete protection of data from access by third parties is not possible.
Controller
The controller responsible for data processing on this website is:
P & T HOLIDAY HOMES AND SERVICE j.d.o.o.
Patrick Manharter
Čižići 442
51514 Čižići
Email:
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You may revoke consent you have already given at any time. An informal email to us is sufficient. The lawfulness of data processing carried out before the revocation remains unaffected.
Right to object to processing in specific cases and to direct marketing (Art. 21 GDPR)
Where processing is based on Art. 6(1)(e) or (f) GDPR, you have the right, on grounds relating to your particular situation, to object at any time to the processing of your personal data, including profiling based on those provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims (objection under Art. 21(1) GDPR).
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for direct marketing purposes (objection under Art. 21(2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of data protection law, data subjects have a right to lodge a complaint with the competent supervisory authority. The competent supervisory authority is the data protection officer of the federal state in which our company has its registered office. A list of data protection officers and their contact details can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process on the basis of your consent or in performance of a contract delivered to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done where technically feasible.
SSL/TLS encryption
For security reasons and to protect the transmission of confidential content (e.g., orders or inquiries you send to us as the site operator), this site uses SSL/TLS encryption. You can recognize an encrypted connection by the browser’s address line changing from “http://” to “https://” and by the lock symbol in your browser bar.
If SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If, after concluding a contract for a fee, there is an obligation to transmit your payment data (e.g., account number for direct debit), this data is required for payment processing.
Payment transactions via common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL/TLS connection. With encrypted communication, your payment data cannot be read by third parties.
Right of access, blocking, deletion
Within the framework of applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing and, if applicable, a right to rectification, blocking, or deletion of this data. For this as well as for further questions about personal data, you can contact us at any time at the address given in the legal notice.
Right to restriction of processing
You have the right to request the restriction of processing of your personal data. You can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:
- If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request restriction of processing of your personal data.
- If the processing of your personal data was/is unlawful, you may request restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it for the establishment, exercise, or defense of legal claims, you have the right to request restriction of processing instead of deletion.
- If you have objected pursuant to Art. 21(1) GDPR, a balance must be made between your interests and ours. Until it is determined whose interests prevail, you have the right to request restriction of processing of your personal data.
If you have restricted the processing of your personal data, such data—apart from storage—may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
Objection to promotional emails
We hereby object to the use of contact data published within the scope of the legal notice obligation for the purpose of sending unsolicited advertising and information materials. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited promotional information, such as spam emails.
3. Data collection on our website
Cookies
Our web pages use cookies. Cookies do not harm your computer and do not contain viruses. Cookies help make our offering more user-friendly, effective, and secure. Cookies are small text files stored on your computer and saved by your browser.
Most of the cookies we use are “session cookies.” They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser to inform you about the setting of cookies and allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies that are necessary to carry out the electronic communication process or to provide certain functions you have requested (e.g., shopping cart function) are stored on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g., for analyzing your surfing behavior) are stored, these are treated separately in this privacy policy.
Server log files
The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:
browser type and version, operating system used, referrer URL, host name of the accessing computer, time of the server request, IP address.
This data is not merged with other data sources.
The basis for data processing is Art. 6(1)(f) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Contact form
If you send us inquiries via the contact form, the information you provide, including the contact details you enter there, will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass on this data without your consent.
The processing of the data entered into the contact form is therefore based exclusively on your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time. An informal email to us is sufficient. The lawfulness of the data processing operations carried out before the revocation remains unaffected.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory statutory provisions—especially retention periods—remain unaffected.
Registration on this website
You can register on our website to use additional functions. We use the data entered for this purpose only to enable you to use the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full; otherwise we will refuse the registration.
For important changes, for example in the scope of the offer, or in the event of technically necessary changes, we use the email address provided during registration to inform you in this way.
The processing of the data entered during registration is based on your consent (Art. 6(1)(a) GDPR). You may revoke consent you have granted at any time. An informal email to us is sufficient. The lawfulness of processing already carried out remains unaffected.
The data collected during registration will be stored by us as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary for establishing, structuring the content of, or changing the legal relationship (inventory data). This is done on the basis of Art. 6(1)(b) GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures. We collect, process, and use personal data about the use of our internet pages (usage data) only to the extent necessary to enable the user to use the service or to bill for it.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transfer upon contract conclusion for services and digital content
We transfer personal data to third parties only if this is necessary in the context of contract processing, for example to the credit institution entrusted with payment processing.
No further transmission of the data will take place, or only if you have expressly consented to the transmission. Your data will not be passed on to third parties for advertising purposes without your explicit consent.
The basis for data processing is Art. 6(1)(b) GDPR, which permits processing for the performance of a contract or pre-contractual measures.
4. Plugins and tools
YouTube with enhanced privacy mode
Our website uses plugins from the YouTube website. The operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. We use YouTube in enhanced privacy mode. According to YouTube, this mode prevents YouTube from storing information about visitors to this website before they view a video. However, the transfer of data to YouTube partners is not necessarily excluded by the enhanced privacy mode. YouTube connects to the Google DoubleClick network whether or not you watch a video.
As soon as you start a YouTube video on our website, a connection to YouTube’s servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, after starting a video, YouTube may store various cookies on your device. With the help of these cookies, YouTube can obtain information about visitors to our website. This information is used, among other things, to collect video statistics, improve user-friendliness, and prevent fraud attempts. The cookies remain on your device until you delete them.
Additional data processing operations may be triggered after a YouTube video starts, over which we have no control.
The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
Further information on data protection at YouTube can be found in their privacy policy: https://www.youtube.com/t/privacy_at_youtube.
Vimeo
Our website uses plugins of the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA.
When you visit one of our pages featuring a Vimeo plugin, a connection to Vimeo’s servers is established. The Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. This applies even if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to a Vimeo server in the USA.
If you are logged into your Vimeo account, you allow Vimeo to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
Further information on the handling of user data can be found in Vimeo’s privacy policy: https://vimeo.com/privacy.
Google Web Fonts
This site uses web fonts provided by Google for uniform display of fonts. When you access a page, your browser loads the required web fonts into its cache to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google’s servers. This informs Google that our website was accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
If your browser does not support web fonts, a standard font from your computer will be used.
Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.
Google Maps
This site uses the Google Maps mapping service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, your IP address must be stored. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
The use of Google Maps is in the interest of presenting our online offerings attractively and to make it easy to find the places indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.