Privacy Statement

This privacy statement provides you with all relevant information on the processing of your personal data (hereinafter also referred to as “data”) by HolidayCheck Group AG. It is extremely important to us that we are as transparent as possible in this regard. If you have questions or comments, please contact us at datenschutz@holidaycheck.com.

 

Privacy statement contents

  1. General information
    1. Scope of this privacy statement
    2. The Controller
    3. Your data protection officer
  2. This is what we do with your data
    1. When you contact us
    2. When you apply for a job
    3. When you access/use our website
    4. When you use the integrated social plug-ins
  3. When and how we transfer your data
    1. How long we store data
    2. Your rights
    3. Changes to this privacy statement

 

I. General information

Your personal data is processed in compliance with European data protection laws.

You are neither contractually nor legally obligated to make your personal data available. However, if you do not provide this information, the quality of the respective service may be diminished or you may not be able to use it at all.

1. Scope of this privacy statement

This privacy statement provides you with information on how we process your data when you access or use our website holidaycheckgroup.com/ (including all subdomains operated as part of this domain).

2. The Controller

The Controller for the processing of your personal data within the scope of this privacy statement is HolidayCheck Group AG, Neumarkter Straße 61, D-81673, Munich.

3. Your data protection officer

We have appointed the following person as data protection officer:

 

Dipl.-Kfm. Marc Althaus

DSEXTERN GmbH

Frapanweg 22

22589 Hamburg

 

If you have questions for our data protection officer, please use the contact form at https://www.dsextern.de/anfragen.

 

II. This is what we do with your data

We collect and process your data primarily to provide you the desired services.

1. When you contact us

When you e-mail us, we process the necessary data to handle your request.

Processed data:

Your email address as well as the data contained in your email.

Legal basis:

The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 letter f GDPR, whereby our legitimate interests are in the provision of a functioning customer service and the processing of requests.

 

2. When you apply for a job

When you apply for a job via our Website, we process the necessary data to conduct the application process.

Processed data:

Name, address, contact information and communications data such as a phone number, email address as well as the contents of your application materials.

Legal basis:

The legal basis for the processing is our legitimate interest pursuant to Art. 6 para. 1 letter f GDPR, whereby our legitimate interests are in the proper conducting of the application process.

 

3. When you access/use our website

When you access one of our websites, available at holidaycheckgroup.com (including all subdomains operated as part of this domain), we process the necessary data to find out how users use our website and to adapt it correspondingly.

For this purpose, we use Google Analytics, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 Ireland.

https://policies.google.com/privacy, https://tools.google.com/dlpage/gaoptout?hl=de.

The data processed in connection with the use of our website is not assigned to a natural person but processed pseudonymised using cookie IDs or other identifiers.

You can deactivate/delete the cookies and block the placing of new cookies in the settings of your browser or place an objection cookie (opt-out cookie) with the provider to prevent the provider from storing and processing your data in the future. More information on this can be found by clicking on the hyperlink above. However, please note that your preferences will be lost when you delete the opt-out cookie.

 

4. When you use the integrated social plug-ins

We have integrated various social plug-ins on our website. When you click on these plug-ins, the respective provider will place cookies in your device and collect data on your visit to our website.

Facebook plug-ins

We use plug-ins of the social network facebook.com. These plug-ins are operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. When you click on the integrated Facebook button, your browser will connect to the servers of Facebook. The content of the plug-in is transmitted to your browser straight from Facebook.

That allows Facebook to track your visit to our website, even if you do not have a Facebook account or are not logged in to Facebook, and match it to a Facebook account if you are registered at Facebook or recently visited a Facebook page or a page with content from Facebook. Furthermore, additional information such as your IP address may be transmitted to Facebook from your browser.

More detailed information on the nature, purpose, extent, further processing and use of your data by Facebook as well as additional information on your respective rights and the setting options to protect your privacy is provided in the data protection policy of Facebook.

Link: Facebook’s privacy policy (https://www.facebook.com/about/privacy/)

Twitter plug-ins

We use plug-ins of the Twitter microblogging service. These plug-ins are operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. When you click on the integrated Twitter button, your browser will connect to the servers of Twitter. The content of the plug-in is transmitted to your browser straight from Twitter.

That allows Twitter to track your visit to our website, even if you do not have a Twitter account or are not logged in to Twitter, and match it to a Twitter account if you are registered at Twitter or recently visited a Twitter page or a page with content from Twitter. Furthermore, additional information such as your IP address may be transmitted to Twitter from your browser.

More detailed information on the nature, purpose, extent, further processing and use of your data by Twitter as well as additional information on your respective rights and the setting options to protect your privacy is provided in the data protection policy of Twitter.

Link: Privacy information from Twitter (https://twitter.com/privacy)

Xing plug-ins

We use plug-ins of the Xing network. These plug-ins are operated by New Work SE Dammtorstraße 30, 20354 Hamburg, Germany. When you click on the integrated Xing button, your browser will connect to the servers of Xing. The content of the plug-in is transmitted to your browser straight from Xing.

That allows Xing to track your visit to our website, even if you do not have a Xing account or are not logged into your Xing account, and match it to a Xing account if you are registered at Xing or recently visited a Xing page or a page with content from Xing. Furthermore, additional information such as your IP address may be transmitted to Xing from your browser.

More detailed information on the nature, purpose, extent, further processing and use of your data by Xing as well as additional information on your respective rights and the setting options to protect your privacy is provided in the data protection policy of Xing.

Link: Privacy information from Xing (https://www.xing.com/app/share?op=data_protection)

LinkedIn plug-Ins

We use plug-ins of the LinkedIn network. These plug-ins are operated by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When you click on the integrated LinkedIn button, your browser will connect to the servers of LinkedIn. The content of the plug-in is transmitted to your browser straight from LinkedIn.

That allows LinkedIn to track your visit to our website, even if you do not have a LinkedIn account or are not logged into your LinkedIn account, and match it to a LinkedIn account if you are registered at LinkedIn or recently visited a LinkedIn page or a page with content from LinkedIn. Furthermore, additional information such as your IP address may be transmitted to LinkedIn from your browser.

More detailed information on the nature, purpose, extent, further processing and use of your data by LinkedIn as well as additional information on your respective rights and the setting options to protect your privacy is provided in the data protection policy of LinkedIn.

Link: Privacy information from LinkedIn (https://www.linkedin.com/legal/privacy-policy)

 

III. When and how we transfer your data

Transfer within the Group

The companies of the HolidayCheck Group are working closely together in providing their services. Therefore, other HolidayCheck Group companies will also access your data, if necessary, to support HolidayCheck Group AG in providing its services.

Transfer to external service providers

As it provides its services, the HolidayCheck Group AG also makes use of external service providers, such as hosting or software service providers or service providers in the context of the application processes. In this context, data is only processed for the purposes specified by the HolidayCheck Group AG, in accordance with its instructions and under its supervision.

Transfer to other Controllers

We use your personal data exclusively for internal purposes. Data is not forwarded to any third parties.

Transfer to the authorities

If a law or other type of regulation or the decision of an authority or a court compels us to do so, we will transfer data to the necessary extent to the authorities or other third parties.

Transfer to third countries

Data will be transferred to third countries only within the scope of and in compliance with  the strict conditions set out in Art. 44 – 49 GDPR. Correspondingly, we will only transfer the data based on an adequacy decision of the EU Commission or, we ensure an adequate level of data protection by means of the EU Standard Contractual Clauses.

 

IV. How long we store data

We do not store the data longer than required for the respective purpose. If we no longer need your data, then it will be deleted on a regular basis unless we are obligated to retain it. This obligation may arise from commercial and tax law or as part of a legal dispute.

If you submit an application, we will delete the data six months after the application process has ended. Insofar as there are no legal obligations to retain data, we would also be pleased to amend or delete such data at an earlier date upon your request. Please contact our HR department accordingly.

We store data that we collect and process in the context of communication with you for a maximum of 2 years.

 

V. Your rights

If the respective conditions are met, you, as a data subject, have the following rights based on GDPR: Right of access to stored data (Art. 15 GDPR), right of rectification of incorrect data (Art. 16 GDPR), Right to erasure of the data (Art. 17 GDPR), Right to restriction of processing (Art. 18 GDPR), Right to object to unreasonable data processing (21 GDPR), right to data portability (Art. 20 GDPR).

To exercise these rights, please use the contact data listed in I. 2. or send an email to datenschutz@holidaycheck.com.

 

VI. Changes to this privacy statement

We are continuously working to improve existing services and develop new ones. As a result, or due to regulatory changes, we regularly adapt this privacy statement to new developments in order to always provide you with the necessary information.

In case of significant changes, we will notify you immediately. In addition, we recommend that you read this privacy statement from time to time.

 

Munich, January 2020