bd4travel takes personal data protection very seriously and we strictly adhere to the rules of the General Data Protection Regulation (GDPR), the data protection statutes applicable in Member states of the European Union and other provisions related to data protection.
We want to point out that all data transfers in the internet (e.g. during email conversations) can suffer from security leaks. Therefore, a complete protection of data against the access of third parties is not possible.
Name and address of the controller
The party responsible for processing your personal data, the so-called “controller” within the meaning of Art. 4 no. 7 of the GDPR, is
Rödelheimer Bahnweg 23
60489 Frankfurt am Main
T +49 (0)69 2474718-201
Name and address of the Data Protection Officer
Dr. Daniel Benkert, METIS Rechtsanwälte LLP
60329 Frankfurt am Main
T: +49 69 271 388 940
F: +49 69 271 388 970
Personal data means any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Personal data therefore are, e.g. the first name and the family name, the telephone number and the e-mail address of a person. Personal data also includes information such as hobbies, memberships, personal preferences and webpages visited by a Data Subject.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal data will only be processed if it is permitted by law or the user agrees to the collection, use and disclosure of the data.
Purpose of Data Processing
Generally, we are processing the personal data of our users only to the extent this is required in order to operate our webpages and to make our contents and services available.
In addition, we generally collect and process personal data of our users only upon prior consent. An exception applies, if such prior consent cannot be collected for factual reasons or if statutory law permits the processing.
Lawfulness of Data Processing
If we are collecting the prior consent of the Data Subject, Art. 6 para. 1 sent. 1 lit a) GDPR serves as legal basis for the data processing.
If the data processing is necessary for the performance of a contract, to which the Data Subject is party, Art. 6 para 1 sent. 1 lit b) GDPR serves as legal basis for the data processing. This applies also with regard to any data processing, which are necessary prior to entering into a contract.
If the data processing is necessary for compliance with a legal obligation to which bd4travel is subject, Art. 6 para 1 sent. 1 lit c) GDPR serves as legal basis for the data processing.
If the data processing is necessary in order to protect the vital interests of the data subject or of another natural person, Art. 6 para 1 sent. 1 lit d) GDPR serves as legal basis for the data processing.
If the data processing is necessary for the purposes of the legitimate interests pursued by by4travel or by a third party and if such legitimate interests are not overridden by the interests or fundamental rights and freedoms of the Data Subject, Art. 6 para 1 sent. 1 lit f) GDPR serves as legal basis for the data processing.
Data Retention and Data Erasure
Our general approach is to only retain personal data for as long as is required to satisfy the purpose for which it was collected by us or provided by you, including for the duration of the applicable statute of limitations.
In certain cases, legal or regulatory obligations require us to retain personal for a set period of time. Such personal data is restricted or erased once the required retention period expires, unless further holding of this personal data is necessary for entering or performing a contract.
Finally, in some cases, we deliberately retain records in order to resolve queries or disputes, which we think, may arise from time to time.
Rights of the Data Subject
You have the right to:
- obtain from bd4travel free of charge confirmation as to whether or not personal data concerning you are being processed (Right of Access (Art. 15 GDPR))
- obtain from bd4travel without undue delay the rectification of any inadequate, incomplete or incorrect personal data concerning you (Right of Rectification (Art. 16 GDPR))
- obtain from bd4travel the erasure of personal data concerning you without undue delay provided that the processing of such personal data is not necessary (i) for exercising the right to freedom of expression and information, (ii) for compliance with a legal obligation, (iii) for reasons of public interest or (iv) for the establishment, exercise or defence of legal claims (Right to Erasure (Art. 17 GDPR)).
- obtain from bd4travel restriction of processing if (i) the accuracy of the personal data is contested by you, (ii) the data processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead, (iii) bd4travel no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or (iv) you have objected to data processing pursuant to Art 21 GDPR (Right to Restriction of Processing (Art. 18 GDPR))
- receive the personal data concerning you, which you have provided to bd4travel, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller (Right to Data Portability (Art. 20 GDPR)).
- withdraw your consent given to bd4travel at any time and without formal requirements (Art. 7 para 3 GDPR). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
- lodge a complaint with a supervisory authority, if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR)
Furthermore, you have the right to object to the processing of your personal data at any time and without formal requirements.
To this end, please contact our data protection officer or send an e-mail to: firstname.lastname@example.org
In order to restrict the processing of your personal data accordingly, it is necessary to retain such personal data in a restricted file for control purposes. In case there is no statutory obligation to retain this information, you may also demand erasure of this personal data.
Collection and Processing of General Information (Logfiles)
Our website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. The collected data are especially:
- the browser types and versions used,
- the operating system used by the accessing system,
- the website from which an accessing system reaches our website (so-called referrers),
- the sub-websites,
- the date and time of access to the Internet site,
- an Internet protocol address (IP address),
This collected data and information is processed by us for the following purposes:
- delivering the content of our website correctly,
- optimizing the content of our website,
- ensuring the long-term viability of our information technology systems and website technology.
Art. 6 para. 1 sent. 1 lit f) GDPR serves as legal basis for this data processing. Our legitimate interest results from the aforementioned purposes of the data processing. When using the collected data and information, bd4travel does not draw any conclusions about the data subject.
Without this data and information, it would technically not be possible to deliver and show the contents of our website. To this end, the collection of this data is necessary. You also allow us to improve the technical set-up and the contents of our websites. We reserve the right to review and control the logfiles in case we have reason to suspect an illicit use of our websites.
The aforementioned data and information are erased once they are no longer required for the purposes for which they were collected. If the data was collected in order to deliver the contents of our websites, this is the case once the respective session is closed.
You can also use this website without cookies. However, some comfort features (for example the newsletter subscription) will not function. Cookies can be rejected by a corresponding setting in your browser by deactivating the storage of cookies or setting the browser (usually under “Options” or “Settings”) to notify you when cookies are send.
Although only pseudonymized data is collected and processed, we offer you the option to disable cookies for personalizing content. Please note, however, that your website preferences will be lost. Click on the following button to deactivate or reactivate cookies:
On bd4travel.com we use the following Cookies:
|Provider||Provider notes on the purpose||Type||Further information|
|Google Analytics||Please see below||Permanent, 2 years storage period||https://policies.google.com/technologies/partner-sites|
|Bloom||eMail Opt-In and Lead Generation Plugin for WordPress||Permanent, expires after 1 year||https://www.elegantthemes.com/policy/privacy/|
|LinkedIn Insight Tag||Please see below||Permanent, expires after 6 months||https://www.linkedin.com/legal/cookie-policy|
|WordPress||WordPress is a free and open-source content management system (CMS) based on PHP and MySQL||Session cookie (PHP)||https://automattic.com/privacy/|
|bd4travel||Privacy notice accepted||Permanent, 1 month storage period||https://bd4travel.com/privacy-policy|
Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google.
Furthermore, you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: Click here to opt-out.
Please note that on this website, Google Analytics code is supplemented by “anonymizeIp” to ensure an anonymized collection of IP addresses (so called IP-masking).
We use “reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analysis take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) that allows marketed website tags to be managed using an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not register personal data. The tool causes other tags to be activated which may, for their part, register data under certain circumstances. Google Tag Manager does not access this information. If recording has been deactivated on domain or cookie level, this setting will remain in place for all tracking tags implemented with Google Tag Manager.
YouTube: social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; Website: https://www.youtube.com; data protection declaration: https://policies.google.com/privacy; optout settings: opt-out-plugin: https://tools.google.com/dlpage/gaoptout?hl=de, ad settings https://adssettings.google.com/authenticated.
LinkedIn Conversion Tracking and Insight Tag
This website uses LinkedIn Insight Tag, which is a solution operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted. The LinkedIn browser cookie is stored in a visitor’s browser until they delete the cookie or the cookie expires (there’s a rolling six-month expiration from the last time the visitor’s browser loaded the Insight Tag).
Type and scope of processing
If you register on our website to receive our newsletter, we collect your e-mail address and name and store this information together with the date of registration and your IP address. You will then receive an e-mail in which you must confirm your registration for the newsletter (double opt-in). If you do not confirm the registration, it will automatically expire and the data will not be processed for the newsletter dispatch.
To send the newsletter, we use a service of the Rocket Science Group (MailChimp): Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which, among other things, the sending of newsletters can be organised and analysed. When you enter data for the purpose of receiving newsletters (e.g. email address), this data is stored on MailChimp’s servers in the USA.
With the help of MailChimp, we can analyse our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web-beacon) connects to MailChimp’s servers in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want any analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe directly on the website.
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of MailChimp after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.
For more details, please refer to MailChimp’s:
Use of Social Bookmarks
Social bookmarking is a centralized online service (provided by social media platform like Twitter or Facebook) which allows users to add, annotate, edit, and share bookmarks of web documents. Social media plugins are easy ways of sharing content with other people via social media platforms. The most common way is a Share or Like button.
This website makes no use of Social media plugins, it just provides straight links to social media platforms.
Encryption of personal data / security measures
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration or destruction.
In order to provide for the safety of your personal data during transmission, we are using an encryption program (e.g. SSL) via HTTPS, which reflects the state of technology.
We have taken extensive technical and operational safeguards to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized parties. Our security procedures are regularly reviewed and adapted in line with technological advancements.
Right to Information
Your trust is important to us. Therefore, we would like to always answer your questions regarding the processing of your personal data.
If you have any questions this privacy statement cannot answer or if you wish more detailed information regarding an aspect, please do not hesitate to contact the responsible authority at bd4travel at any time.
Data Protection Officer:
Dr. Daniel Benkert, METIS Rechtsanwälte LLP
60329 Frankfurt am Main
T +49 69 271 388 940
F +49 69 271 388 970