DATA PROTECTION
Preamble
With the following data protection declaration we would like to inform you about which types of your personal data (hereinafter also referred to as "data") we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both within the scope of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).
The terms used are not gender specific.
Table of contents
- Preamble
- Responsible person
- Contact data protection officer
- Overview of processing
- Relevant legal bases
- Safety measures
- Transfer of personal data
- Deletion of data
- Use of cookies
- Business benefits
- Provision of the online offering and web hosting
- Advertising communication via email, post, fax or telephone
- Rights of data subjects
Responsible person
BIOHOTEL EGGENSBERGER, Eggensberger OHG
represented by the hotel director Johanna Eggensberger
Enzensbergstrasse 5
87629 Füssen / Hopfen am See
Germany
Tel.: +49 (0) 8362 / 9103-0
Email: info@eggensberger.de
Website: https://www.eggensberger.de
RG Kempten, HRA No. 277
VAT ID number: DE230602514
Contact data protection officer
OFF Telecommunications GmbH
Mr. Mathias Greiner
At the Högner 2 1/2
87490 Börwang
Germany
Email: mg@off.de
Overview of processing
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.
Types of data processed
- Inventory data.
- Payment details.
- Contact details.
- Contract data.
- Usage data.
- Meta, communication and procedural data.
Categories of data subjects
- Interested persons.
- Communication partner.
- Users.
- Business and contractual partners.
Purposes of processing
- Provision of contractual services and customer service.
- Contact inquiries and communication.
- Safety measures.
- Direct marketing.
- Office and organizational procedures.
- Managing and responding to inquiries.
- Provision of our online offering and user-friendliness.
- Information technology infrastructure.
Relevant legal bases
Below you will find an overview of the legal basis of the GDPR on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If more specific legal bases apply in individual cases, we will inform you of these in the data protection declaration.
- Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) - The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes.
- Fulfillment of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures at the request of the data subject person.
- Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR) - Processing is necessary to fulfill a legal obligation to which the controller is subject.
- Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR) - Processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject are protected requiring personal data predominate.
In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes in particular the law to protect against misuse of personal data during data processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes and transmission and automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. Furthermore, state data protection laws of the individual federal states may apply.
Safety measures
We take action in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, disclosure, ensuring availability and its separation. We have also set up procedures to ensure that the rights of those affected are exercised, data are deleted and responses are made to data threats. We also take the protection of personal data into account when developing or selecting hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
Transfer of personal data
As part of our processing of personal data, the data may be transmitted to or disclosed to other bodies, companies, legally independent organizational units or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data that serve to protect your data.
Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as the consent permitted for processing is revoked or other permissions no longer apply (e.g. if the purpose for processing this data no longer applies or it is not necessary for the purpose). Unless the data is deleted because it is required for other legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
Our data protection information may also contain further information on the storage and deletion of data, which applies primarily to the respective processing.
Use of cookies
Cookies are small text files or other storage notes that store information on end devices and read information from the end devices. For example, to save the login status in a user account, the contents of a shopping cart in an e-shop, the content accessed or the functions used of an online offer. Cookies can also be used for various purposes, e.g. for the purposes of the functionality, security and comfort of online offerings as well as the creation of analyzes of visitor flows.
Information on consent: We use cookies in accordance with legal regulations. We therefore obtain prior consent from users, unless this is not required by law. In particular, consent is not necessary if the storage and reading of the information, including cookies, is absolutely necessary in order to provide users with a telemedia service they have expressly requested (i.e. our online offering). The revocable consent is clearly communicated to the users and contains information on the respective cookie use.
Notes on data protection legal bases: The data protection legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If users consent, the legal basis for processing your data is their declared consent. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and improving its usability) or, if this is within the scope of the fulfillment of our contractual obligations, if the use of cookies is necessary for our purposes to fulfill contractual obligations. We will explain the purposes for which we process cookies in the course of this data protection declaration or as part of our consent and processing processes.
Storage period: With regard to the storage period, a distinction is made between the following types of cookies:
- Temporary cookies (also: session or session cookies):
Temporary cookies are deleted at the latest after a user has left an online offer and closed their device (e.g. browser or mobile application).
- Permanent cookies:
Permanent cookies remain stored even after the device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. User data collected using cookies can also be used to measure reach. Unless we provide users with explicit information about the type and storage period of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.
General information on revocation and objection (opt-out):
Users can revoke the consent they have given at any time and can also object to the processing in accordance with the legal requirements in Art. 21 GDPR. Users can also declare their objection via their browser settings, e.g. by deactivating the use of cookies (which may also limit the functionality of our online services). An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.
Further information on processing processes, procedures and services:
Processing of cookie data on the basis of consent: We use a cookie consent management process, in which users consent to the use of cookies or the processing mentioned within the cookie consent management process and providers can be obtained and managed and revoked by users. The declaration of consent is saved so that it does not have to be asked again and to be able to prove consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to be able to assign the consent to a user or their device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. Here, a pseudonymous user identifier is created and stored with the time of consent, information about the scope of the consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and device used.
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR.
You can find more information on how to handle user data in Google's privacy policy: policies.google.com/privacy?hl=de.
Application and use of Google Analytics (with anonymization function)
The person responsible for processing has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, collection and evaluation of data about the behavior of visitors to websites. A web analysis service collects, among other things, data about the website from which a data subject came to a website (so-called referrer), which sub-pages of the website were accessed or how often and for what duration a sub-page was viewed. Web analysis is primarily used to optimize a website and to analyze the cost-benefit of internet advertising.
The operating company of the Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.
The person responsible for processing uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. Using this addition, the IP address of the data subject's Internet connection is shortened and anonymized by Google if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website.
Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is able to analyze the use of our website. Each time you access one of the individual pages of this website, which is operated by the controller and into which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically triggered by the respective Google Analytics component to transmit data to Google for online analysis purposes. As part of this technical process, Google gains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to track the origin of visitors and clicks and subsequently enable commission billing.
The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected via the technical process to third parties.
The data subject can prevent the setting of cookies through our website at any time by means of an appropriate setting in the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
Further information and Google's applicable data protection regulations can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link https://www.google.com/intl/de_de/analytics/
Google Analytics Remarketing
Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This function makes it possible to link the advertising target groups created with Google Analytics Remarketing with the cross-device functions of Google AdWords and Google DoubleClick. In this way, interest-based, personalized advertising messages that have been adapted to you on one device (e.g. cell phone) depending on your previous usage and surfing behavior can also be displayed on another of your devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browser history to your Google account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google account.
To support this feature, Google Analytics collects Google-authenticated user IDs, which are temporarily linked to our Google Analytics data to define and create audiences for cross-device advertising.
You can permanently opt out of cross-device remarketing/targeting by deactivating personalized advertising in your Google Account; To do this, follow this link: https://www.google.com/settings/ads/onweb/.
The summary of the data collected in your Google account is based solely on your consent, which you can give or revoke at Google (Art. 6 Para. 1 lit. a GDPR). For data collection processes that are not merged in your Google account (e.g. because you do not have a Google account or have objected to the merger), the collection of data is based on Art. 6 Para. 1 lit. f GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymized analysis of website visitors for advertising purposes.
Further information and the data protection regulations can be found in Google's data protection declaration at: https://www.google.com/policies/technologies/ads/.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use so-called conversion tracking. If you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked across the websites of AdWords customers. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users. If you do not want to participate in tracking, you can object to this use by easily deactivating the Google Conversion Tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
You can find more information about Google AdWords and Google Conversion Tracking in Google's data protection regulations: https://www.google.de/policies/privacy/.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Facebook pixels
Our website uses the visitor action pixel from Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) to measure conversions.
This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized.
The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage guidelines. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. As the site operator, we cannot influence this use of data.
You can find further information on protecting your privacy in Facebook's data protection information: https://www.facebook.com/about/privacy/.
You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.
Contact form (request information, apply online)
If you contact us using a form on the website or by email or apply, we will save the information you provide us as well as the general data described above. By using our form you consent to the processing of your data. We do not pass on the data to third parties and only use the data to process the contact and to answer the respective inquiry. If you contact us via email, processing the contact also represents the necessary legitimate interest in processing the data. The legal basis for processing the data, if the user has given his consent, is Article 6 Para. 1 lit. a GDPR. The legal basis for the processing of data transmitted when sending an email is Article 6 Paragraph 1 Letter f GDPR. The data transmitted to us when contacting us will be deleted as soon as they are no longer needed to achieve the aforementioned purpose. As far as the personal data from the contact form and the data sent by email is concerned, this is the case as soon as the respective conversation has ended. This in turn is the case as soon as the facts of the case have been conclusively clarified under the circumstances. If contact is also aimed at concluding a contract, the further legal basis is Article 6 (1) (b) GDPR. In this case, we will keep your request as a business letter for 7 years.
Newsletter
If you would like to receive the newsletter offered on the website, we need an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter . No further data is collected or only collected on a voluntary basis. We use this data exclusively to send the requested information and do not pass it on to third parties.
Our customers and business partners receive regular newsletters about company offers. In principle, our company's newsletter can only be received by the data subject if (1) the data subject has a valid email address and (2) the data subject registers to receive the newsletter. For legal reasons, a confirmation email will be sent using the double opt-in procedure to the email address entered by a data subject for the first time to receive the newsletter. This confirmation email is used to check whether the owner of the email address as the data subject has authorized receipt of the newsletter.
When registering for the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration as well as the date and time of registration. The collection of this data is necessary in order to be able to understand the (possible) misuse of the email address of a data subject at a later point in time and therefore serves to provide legal protection for the person responsible for processing.
The personal data collected when registering for the newsletter is used exclusively to send our newsletter. Furthermore, subscribers to the newsletter could be informed by email if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or a change in technical circumstances. The personal data collected as part of the newsletter service will not be passed on to third parties. The data subject can cancel the subscription to our newsletter at any time. The consent to the storage of personal data that the data subject has given us for sending the newsletter can be revoked at any time. For the purpose of revoking your consent, there is a corresponding link in every newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller or to communicate this to the controller in another way.
Review platform
We also use the Customer Alliance rating platform for our website. The service provider is the German company CA Customer Alliance GmbH, Ullsteinstr. 130, Tower B, 12109 Berlin, Germany.
You can find out more about the data processed through the use of Customer Alliance in the company's privacy policy at https://www.customer-alliance.com/de/datenschutzregulations/
Business benefits
We process data from our contractual and business partners, e.g. customers and interested parties (collectively referred to as “contractual partners”) within the framework of contractual and comparable legal relationships as well as associated measures and as part of communication with the contractual partners (or pre-contractual), e.g. to respond to inquiries answer.
We process this data to fulfill our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any update obligations and remedies in the event of warranty and other service disruptions. In addition, we process the data to protect our rights and for the purposes of the administrative tasks associated with these obligations and the company organization. In addition, we process the data on the basis of our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse and jeopardy of their data, secrets, information and rights (e.g. for the participation of telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). Within the scope of applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or to fulfill legal obligations. The contractual partners will be informed about other forms of processing, e.g. for marketing purposes, as part of this data protection declaration.
We inform the contractual partners which data is required for the aforementioned purposes before or as part of the data collection, e.g. in online forms, through special marking (e.g. colors) or symbols (e.g. asterisks, etc.), or in person.
We delete the data after the expiry of statutory warranty and comparable obligations, i.e. generally after 4 years, unless the data is stored in a customer account, e.g. as long as it must be retained for legal archiving reasons. The statutory retention period is ten years for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions required to understand these documents and other organizational documents and accounting documents, and six years for commercial and business letters received and copies of the commercial and business letters sent. The period begins at the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report were prepared, the commercial or business letter was received or sent or the accounting document was created and the recording was also made has been made or the other documents have been created.
To the extent that we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.
- Types of data processed: inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. subject matter of the contract, term, customer category).
- Affected persons: interested parties; Business and contractual partners.
- Purposes of processing: provision of contractual services and customer service; Contact inquiries and communication; office and organizational procedures; Managing and responding to inquiries.
- Legal basis: fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR); Legitimate interests (Art. 6 Para. 1 Sentence 1 Letter f) GDPR).
Provision of online offerings and web hosting
We process users' data in order to be able to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.
- Types of data processed: usage data (e.g. websites visited, interest in content, access times); Meta, communication and procedural data (e.g. IP addresses, times, identification numbers, consent status).
- Data subjects: Users (e.g. website visitors, users of online services).
- Purposes of processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.); Safety measures.
- Legal basis: Legitimate interests (Art. 6 Para. 1 Sentence 1 Letter f) GDPR).
Further information on processing processes, procedures and services:
- Collection of access data and log files: Access to our online offering is logged in the form of so-called “server log files”. The server log files include the address and name of the websites and files accessed, date and time of access, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP address. Addresses and the requesting provider belong. The server log files can be used on the one hand for security purposes, e.g. to avoid overloading the servers (particularly in the case of abusive attacks, so-called DDoS attacks) and on the other hand to ensure the utilization of the servers and their stability; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is necessary for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
Advertising communication via email, post, fax or telephone
We process personal data for the purposes of advertising communication, which can take place via various channels, such as email, telephone, post or fax, in accordance with legal requirements.
The recipients have the right to revoke their consent at any time or to object to the advertising communication at any time.
After revocation or objection, we store the data required to prove previous authorization to contact or send you up to three years after the end of the year of revocation or objection on the basis of our legitimate interests. The processing of this data is limited to the purpose of possible defense against claims. Based on the legitimate interest in permanently observing the user's revocation or objection, we also store the data necessary to avoid renewed contact (e.g., depending on the communication channel, the email address, telephone number, name).
- Types of data processed: inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers).
- Affected people: communication partners.
- Purposes of processing: Direct marketing (e.g. by email or post).
- Legal basis: Consent (Art. 6 Para. 1 Sentence 1 Letter a) GDPR); Legitimate interests (Art. 6 Para. 1 Sentence 1 Letter f) GDPR).
Rights of data subjects
As a data subject, you are entitled to various rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:
- Right to object: You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you, which is carried out on the basis of Article 6 (1) (e) or (f) of the GDPR; This also applies to profiling based on these provisions. If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; This also applies to profiling insofar as it is connected to such direct advertising.
- Right to revoke consent: You have the right to revoke your consent at any time.
- Right to information: You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with legal requirements.
- Right to rectification: In accordance with legal requirements, you have the right to request that the data concerning you be completed or that incorrect data concerning you be corrected.
- Right to deletion and restriction of processing: In accordance with the legal requirements, you have the right to demand that data concerning you be deleted immediately or, alternatively, to request a restriction of the processing of the data in accordance with the legal requirements.
- Right to data portability: You have the right to receive data concerning you that you have provided to us in a structured, common and machine-readable format in accordance with legal requirements or to request that it be transmitted to another person responsible.
- Complaint to a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your data personal data concerned violates the requirements of the GDPR.