Privacy policy
In principle, you can use our website without providing personal data. In individual cases, however, it may be necessary to collect and process your personal data in order to be able to use certain functions of our website. In addition, we collect and process personal data to optimise our website and services, which we process in accordance with data protection regulations.
We take the protection of your personal data very seriously and would therefore like to inform you below about your rights and the type and scope of the respective data collection.
1. person responsible and contact person for data protection enquiries
Person responsible for processing within the meaning of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):
Select Luxury Travel GmbH
Suarezstraße 26, 14057 Berlin - Germany
Mr Dirk Gowin, Mr Thomas Wiedau
Phone: +49(0)30 69 80 21 90
e-mail: service@select-luxury.travel
Appointed as data protection officer:
Mrs Batool Shahen
Data protection officer
Suarezstr. 26
D-14057 Berlin
E-mail: shahen(at)select-luxury.travel
2. definitions
Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Person concerned
A data subject is the person whose personal data is processed by the controller.
Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Person responsible
The controller is the person who decides on the purposes and means of processing personal data and also carries out this processing accordingly.
Processor
The processor is another natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Receiver
The recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed.
Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Violation of the protection of personal data
A personal data breach is a breach of security leading to the destruction, loss or alteration, whether accidental or unlawful, or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Biometric data
Biometric data are personal data relating to the physical, physiological or behavioural characteristics of a natural person, obtained using special technical procedures, which enable or confirm the unique identification of this natural person, such as facial images or dactyloscopic data.
Health data
Health data is personal data that relates to the physical or mental health of a natural person, including the provision of healthcare services, and from which information about their health status is derived.
Supervisory authority
The supervisory authority is an independent state body established by a member state in accordance with Art. 51 GDPR, which is responsible for monitoring compliance with data protection laws and regulations.
3. information on the processing of personal data
We process your personal data using various technical means and, if necessary, with the assistance of other service providers. We would like to inform you about the specific details of the processing in the following points.
Visit our website
(1) When you visit our website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR, § 15 Telemedia Act (TMG)):
- - IP address and service provider
- - Date and time of the enquiry
- - Content of the request (specific page)
- - Access status/HTTP status code
- - Amount of data transferred in each case
- - Website from which the request comes
- - Browser incl. language and software version
- - Operating system and its interface
(2) The data listed in paragraph 1 is also automatically stored in the log files of our server. The log data is stored separately from other data and can only be viewed by the hoster. The log data is stored for 7 days. The legal basis for the processing of your data when you visit our website is Art. 6 para. 1 sentence 1 lit. f GDPR, § 15 Telemedia Act (TMG).
Use of cookies
- In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and through which certain information flows to the organisation that sets the cookie (in this case, us). Cookies cannot execute programmes or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.
- This website uses the following types of cookies, the scope and function of which are explained below:
Transient cookies
Persistent cookies - Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.
- Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
- You can configure your browser settings according to your wishes and also refuse to accept third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all the functions of this website. The legal basis for the use of cookies is Art. 6 para. 1 sentence 1 lit. f GDPR.
Use of the contact form
- When you contact us via the contact form on our website, the data you enter (your e-mail address and regularly your name, your telephone number and the other data you provide) will be stored by us at the time of sending in order to answer your enquiry and process your request.
- As an alternative to the contact form, you can also contact us via the e-mail address provided on our website, which can be found in the legal notice.
- You can object to the processing of your personal data at any time by sending an e-mail to service@select-luxury.travel or declare your objection to the processing of your personal data to the person(s) listed in section 1. If you contact us directly by e-mail, you can object to the processing of your personal data at any time in the same way.
- We delete the data arising in this context after storage is no longer necessary or restrict processing if there are statutory retention obligations. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
- If your contact is aimed at the conclusion of a contract, the additional legal basis for the processing of your personal data is Art. 6 para. 1 lit. b GDPR.
Matomo (formerly Piwik)
- This website uses the web analysis service Matomo to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offering and make it more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. f GDPR.
- Cookies (see section 2 above, "Use of cookies") are stored on your computer for this analysis. The information collected in this way is stored by the controller exclusively on its server in Germany. You can stop the analysis by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we would like to point out that you may not be able to use this website to its full extent. You can prevent the storage of cookies by changing the settings in your browser. You can prevent the use of Matomo by removing the following tick to activate the opt-out plug-in:
- This website uses Matomo with the "AnonymiseIP" extension. This means that IP addresses are further processed in abbreviated form, so that they cannot be directly linked to individuals. The IP address transmitted by your browser using Matomo is not merged with other data collected by us.
- The Matomo programme is an open source project. Information from the third-party provider on data protection is available at https://matomo.org/docs/privacy/.
Integration of Google reCAPTCHA
- We use the Google service reCAPTCHA to protect the contact form on our website. This is a query as to whether the entry in the contact form has been made by a human or abusively by automated, machine processing. The legal basis for the use of Google ReCaptcha is Art. 6 para. 1 sentence 1 lit. f GDPR.
- By visiting the website, the reCAPTCHA described above is retrieved from a Google server. In addition, the data mentioned under section 3, "Use of cookies" and "Visiting our website", of this statement will be transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out of your Google account before visiting our website. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the customised design of its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
- Information from the provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Integration of Google Maps
- We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently. The legal basis for the use of Google Maps is Art. 6 para. 1 sentence 1 lit. f GDPR.
- By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3, "Use of cookies" and "Visiting our website", of this statement will be transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
- Information from the provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Integration of Google Web Fonts
- We use Google Web Fonts on this website to improve the visual presentation. These are fonts that are retrieved from a Google server when you visit our website and stored in your browser's cache to display our website. Further information can be found at https://fonts.google.com/about#. The legal basis for the use of Google Web Fonts is Art. 6 para. 1 sentence 1 lit. f GDPR.
- By visiting the website, Google receives the information that you have accessed it. In addition, the data mentioned under section 3, "Use of cookies" and "Visiting our website", of this statement will be transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out of your Google account before visiting our website. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the customised design of its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
- Information from the provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Integration of Font Awesome
- On this website, we use so-called web fonts provided by Fonticons for standardised and improved presentation. These are fonts that are retrieved from an external server when you visit our website and stored in your browser's cache to display our website. The legal basis for the use of Font Awesome Web Fonts is Art. 6 para. 1 sentence 1 lit. f GDPR.
- When you call up a page, your browser loads the required web fonts onto your PC in order to display texts and fonts correctly. In addition, the data mentioned under section 3, "Use of cookies" and "Visiting our website", of this statement will be transmitted. For this purpose, the browser you are using must connect to the Fonticons servers. As a result, Fonticons becomes aware that our website has been accessed via your IP address. If your browser does not support web fonts, a standard font will be used by your computer.
- Information from the provider: Fonticons Inc, 6 Porter Road, Apartment 3R, Cambridge, MA 02140, United States. You can find more information about Font Awesome at https://fontawesome.com/help.
Newsletter dispatch
- With your consent, you can subscribe to our newsletter, which we use to inform you about current data protection issues and events. The possible topics are listed in the declaration of consent.
- We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. We also store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.
- The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.
- You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in every newsletter e-mail or by sending an e-mail to service@select-luxury.travel or by sending a message to the contact details given in the imprint.
Integration of YouTube videos
- We have integrated YouTube videos into our online offering that are based on https://www.YouTube.com and can be played directly from our website. These are all integrated in "extended data protection mode", i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transmitted. We have no influence on this data transfer. The legal basis for the integration of YouTube videos is Art. 6 para. 1 sentence 1 lit. f GDPR.
- By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section 3, "Use of cookies" and "Visiting our website", of this statement will be transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
- Information from the provider: YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, is responsible for data processing. Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
Integration of jQuery
- We have integrated jQuery on this website to make the site as appealing as possible. This is a fast, small and feature-rich JavaScript library. When you visit our website, animations or other files are retrieved from the jQuery server and stored in your browser's cache to display our website. By integrating jQuery, we can make our website more interesting for you as a user. You can find further information on this at http://jquery.com/. The legal basis for the use of jQuery is Art. 6 para. 1 sentence 1 lit. f GDPR.
- For the connection with jQuery, the data listed above under "Visiting our website" is transmitted to jQuery. In addition, cookies (see "Use of cookies" above) are stored on your computer to enable recognition when you visit our website again. jQuery collects and stores usage data according to its own information in pseudonymous profiles, which are stored on jQuery's servers and are protected against interference and changes by unauthorised third parties.
- You can prevent processing by deleting existing cookies and preventing the storage of cookies. You can prevent the storage of cookies by changing the settings in your browser. If you deactivate the storage of cookies, we would like to point out that you may not be able to use this website to its full extent.
- Provider information: jQuery is a project of various volunteers and part of the JS Foundation, Inc, Attn: Privacy Office, 1 Letterman Drive, San Francisco, CA 94129. further information can be found at https://js.foundation/. Further information from the provider on data protection can be found at https://js.foundation/about/governance/privacy-policy.
4. presence in social networks
- We also operate online presences (fan pages) within social networks and platforms. This allows us to present ourselves as a company, communicate with you as our customers, partners or interested parties and publish information and offers. The activity on our fan page may also be analysed using statistical data provided to us by the providers of the social networks and platforms (so-called insights data). However, data processing only takes place as soon as you interact with our fan page. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, as the data processing is based on our legitimate interests in more effective information and communication with you. In the case of contract-relevant communication with us, Art. 6 para. 1 sentence 1 lit. b GDPR is the legal basis.
- When you access and use our fan page, your personal data is processed by the providers of the social networks and platforms themselves for analysis and advertising purposes. As the operator of the fan page, we have no influence on this and we do not receive any information from the respective providers about the exact scope of data processing. The providers can thus create user profiles, e.g. to place interest-based advertising. Cookies are usually stored on your devices for this purpose. Data processing may also take place outside the European Union. The US providers of social networks and platforms are certified under the Privacy Shield, which obliges them to comply with EU data protection standards (https://www.privacyshield.gov/list). The respective provider of the social networks and platforms is primarily responsible for data processing via the fan page. You also have the option of asserting your rights as a data subject (see below under "Your rights") directly against the providers of the social networks and platforms.
- Further information on data processing and your rights can be found in the data protection declarations of the providers:
- - Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Privacy Policy: https://www.facebook.com/about/privacy/Agreement on joint responsibility: https://www.facebook.com/legal/terms/page_controller_addendumOpt-Out: http://www.youronlinechoices.com and via the settings in your personal Facebook profile, you also have the option to object to certain data processing. Facebook Ireland Ltd. is also responsible for data processing via Instagram Inc.
- - Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA; privacy policy and opt-out: http://instagram.com/about/legal/privacy/.
- - Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Privacy Policy: https://policies.google.com/privacyOpt-Out: https://adssettings.google.com/authenticated.
- - Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; privacy policy: https://twitter.com/de/privacyOpt-Out: https://twitter.com/personalization,
- - Pinterest Inc, 635 High Street, Palo Alto, CA, 94301, USA; privacy policy and opt-out: https://about.pinterest.com/de/privacy-policy.
- - LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Privacy Policy: https://www.linkedin.com/legal/privacy-policyOpt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- - XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Privacy Policy and Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung
5. transfer to third countries
In some cases, your data will be transferred to servers outside the EU by external service providers (so-called third countries). In particular, these may be service providers in the areas of hosting, fulfilment of regulatory obligations, debt collection and marketing, whereby we carefully select these service providers and contractually oblige them to comply with data protection in accordance with the legal requirements. If the service providers are located in the USA, it is ensured that the providers have submitted to the EU-US Privacy Shield Agreement and thus an appropriate level of data protection can be guaranteed. The following companies receive data in third countries outside the European Union:
- - Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.de/intl/de/policies/privacy
- - YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA; https://www.google.de/intl/de/policies/privacy
- - Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; https://www.facebook.com/policy.php;
- - Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA, https://help.instagram.com/155833707900388
6. your rights
You have the following rights vis-à-vis us with regard to the processing of your personal data, which you can assert informally at any time to the contact person listed above in 1.
Right to information
On request, we will provide you with information about which of your personal data we have stored, for what purpose, for how long, from what source and on what legal basis, and whether we have disclosed this data to third parties.
Right to rectification
Should it transpire that the personal data you have provided to us is incorrect or incomplete, we will correct or supplement it immediately upon request.
Right to erasure (right to be forgotten)
You have the right to have your personal data deleted immediately, provided that there is no legal obligation to retain it.
Right to restriction of processing
You can request that we restrict the processing of your personal data.
Right to object to the processing
You can object to the processing of your personal data at any time. This applies in particular if the legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR.
Right to data portability
You have the right to receive the personal data we hold about you in a universally readable format.
Right to lodge a complaint with a supervisory authority
You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us. The data protection authority of the federal state in which we have our registered office is responsible. You can find more information on this at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
We would like to politely point out that the exercise of your rights in individual cases may be subject to the fulfilment of certain conditions.
Ensuring data security and data protection
To ensure the protection and security of your personal data, we implement a large number of technical and organisational security measures, the effectiveness of which we review regularly.